I'm trying to set up a wireless network where I would like to assign different access rights to the network for a couple of groups of users. I would like to use RADIUS for the authentication. As far as I can tell, it isn't possible to use a dynamic VLAN assigned by the RADIUS server with the Omada Controller/EAP225, is that correct? Seems like it would be a really useful feature to add to a future update!
If I can't use a dynamic VLAN, I could of course use different SSIDs for each group, each with their own VLAN assigned in the controller, however, is it possible to then use a single RADIUS server for both SSIDs, and only allow appropriate users access each SSID. I can't see how to configure the RADIUS server to pick up which SSID the access is coming from, and therefore only allow user1 on ssid1 and user2 on ssid2, but have them both in the same RADIUS. Anyone know how to do this, or got some pointers?
I'm using freeradius (running on pfSense).