i personally think that it's completely useless. implementing EAP or MAC authentication, meaning that one of both would work, is a huge security hole and requiring both is useless since EAP authentication implicitly filters away everything unauthenticated...
(even if i understand that might be necessary for current WiFi phones, etc., please be aware that under linux you can actually change the MAC address with one command...) ciao artur On 6/13/05, Alan DeKok <[EMAIL PROTECTED]> wrote: > "Jefri bin Dahari" <[EMAIL PROTECTED]> wrote: > > I plan to implement simultaneous MAC+EAP authentication for my wireless > > users. From my observation, Freeradius can only do either MAC or EAP but not > > MAC and EAP authentication. Can somebody gives me some hints on how to do > > that? > > It can do both. EAP is authentication, MAC checking isn't really > authentication. > > What are you seeing in RADIUS packets, and what do you want to happen? > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
