Its alive!! Using your radcheck configuration the Cisco 1200 APs work with freeradius <wipes brow>. But of course, I have another problem...the Orinoco APs don't work with this configuration! Some debugging brought me to this conclusion on what will work for the different access points:
**************** ORINOCO AP **************** +-----+--------------+---------------+--------------+-----+ | id | UserName | Attribute | Value | op | +-----+--------------+---------------+--------------+-----+ | 123 | MacAddress | User-Password | SharedSecret | == | +-----+--------------+---------------+--------------+-----+ **************** CISCO AP **************** +-----+--------------+---------------+-------------+-----+ | id | UserName | Attribute | Value | op | +-----+--------------+---------------+-------------+-----+ | 123 | MacAddress | User-Password | MacAddress | == | +-----+--------------+---------------+-------------+-----+ So what now? I could create 2 different tables, then use something (please help me here, huntgroups?) to tell freeradius which type of AP is making the request, then use the correct sql statement to select on mysql. Fun, Fun. Another option is to modify the modcall[authorize] sql statement to say something like if "Username = MacAddress OR Username = SharedSecret". The problem is that "Username will never equal SharedSecret"! Im almost there...Please Help! -- Mike Hall Telecom Analyst -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 12, 2003 3:36 PM To: [EMAIL PROTECTED] Subject: (no subject) On a Cisco AP 340 or better, MAC-based Auth. uses the MAC-address of the client as both the user and password. In your radcheck table, UserName is MAC-address, Attribute is 'Password', op is '==' and Value is MAC-address. Works great and you do not have to restart radius when you add MAC-addresses. Hope this helps. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html