Development
This commit is contained in:
parent
65c5b61ca7
commit
c0ba3e76b7
5 changed files with 226 additions and 13 deletions
|
|
@ -77,10 +77,21 @@
|
|||
"input_type": "select",
|
||||
"value": "%RADIUS_APPLY_TO%",
|
||||
"options": [
|
||||
{"value": "all", "label": "All clients"},
|
||||
{"value": "wireless", "label": "Wireless clients only (NAS-Port-Type = Wireless-802.11)"}
|
||||
{"value": "all", "label": "All clients"},
|
||||
{"value": "wireless", "label": "Wireless clients only (NAS-Port-Type = Wireless-802.11)"},
|
||||
{"value": "huntgroup", "label": "Wireless clients only (AP huntgroup by IP)"}
|
||||
],
|
||||
"hint": "Scoping to wireless only prevents the DEFAULT rule from assigning a VLAN to unknown wired switch ports."
|
||||
"hint": "Scoping to wireless only prevents the DEFAULT rule from assigning a VLAN to unknown wired switch ports. Huntgroup is more precise but requires AP IPs below."
|
||||
},
|
||||
{
|
||||
"type": "field",
|
||||
"label": "Access Point IPs",
|
||||
"name": "ap_ips",
|
||||
"input_type": "textarea",
|
||||
"value": "%RADIUS_AP_IPS%",
|
||||
"rows": 4,
|
||||
"hint": "One IP address per line. Used when Apply DEFAULT Rule To is set to huntgroup.",
|
||||
"placeholder": "192.168.1.10\n192.168.1.11"
|
||||
},
|
||||
{
|
||||
"type": "button_row",
|
||||
|
|
@ -97,6 +108,87 @@
|
|||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "card",
|
||||
"label": "Fallback VLAN",
|
||||
"client_requirement": "client_is_administrator+",
|
||||
"items": [
|
||||
{
|
||||
"type": "p",
|
||||
"text": "Unknown or unregistered devices are assigned to this VLAN. For wired switch ports, also set the fallback network in the switch configuration."
|
||||
},
|
||||
{
|
||||
"type": "form",
|
||||
"action": "/action/radius/default_vlan_save",
|
||||
"method": "post",
|
||||
"items": [
|
||||
{
|
||||
"type": "field",
|
||||
"label": "Fallback VLAN",
|
||||
"name": "default_vlan",
|
||||
"input_type": "select",
|
||||
"value": "%RADIUS_DEFAULT_VLAN%",
|
||||
"options": "%RADIUS_DEFAULT_VLAN_OPTIONS%",
|
||||
"hint": "Devices not in the RADIUS user list will be placed on this VLAN."
|
||||
},
|
||||
{
|
||||
"type": "button_row",
|
||||
"items": [
|
||||
{
|
||||
"type": "button_primary",
|
||||
"text": "Save"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "card",
|
||||
"label": "EAP Settings",
|
||||
"client_requirement": "client_is_administrator+",
|
||||
"items": [
|
||||
{
|
||||
"type": "p",
|
||||
"text": "These settings are required for MAC-based 802.1X authentication on managed switches."
|
||||
},
|
||||
{
|
||||
"type": "form",
|
||||
"action": "/action/radius/eap_save",
|
||||
"method": "post",
|
||||
"items": [
|
||||
{
|
||||
"type": "field",
|
||||
"label": "",
|
||||
"name": "allow_weak_eap",
|
||||
"input_type": "checkbox",
|
||||
"checkbox_label": "Allow weak EAP types",
|
||||
"value": "%RADIUS_ALLOW_WEAK_EAP%",
|
||||
"hint": "Enables EAP-MD5. Required for switch port MAC-based 802.1X authentication."
|
||||
},
|
||||
{
|
||||
"type": "field",
|
||||
"label": "",
|
||||
"name": "tunneled_reply",
|
||||
"input_type": "checkbox",
|
||||
"checkbox_label": "Use tunneled reply (EAP-TTLS / EAP-PEAP)",
|
||||
"value": "%RADIUS_TUNNELED_REPLY%",
|
||||
"hint": "Sets use_tunneled_reply = yes in EAP-TTLS and EAP-PEAP modules. Required for switch MAC authentication."
|
||||
},
|
||||
{
|
||||
"type": "button_row",
|
||||
"items": [
|
||||
{
|
||||
"type": "button_primary",
|
||||
"text": "Save"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "card",
|
||||
"label": "Logging",
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue