Hi
All
Need some advice
please. Using Mikrotik as a NAS. Wireless clients connect to
Mikrotik and i've got RADIUS MAC authentication setup on the Mikrotik. So
all the clients MAC addresses are sent to the FreeRadius box in format
00:00:00:00:00:00 (which is the username) and blank password. So in the
freeradius mysql db, i've got the following:
In the radcheck
table, i've got the mac as the username and blank password. In usergroup,
i link the mac username to a group called Wireless. In Radgroupcheck i've
got an entry for the Wireless group and telling it Auth-Type := Local. In
Radgroupreply i only pass a service-type attribute for the wireless group with
framed-user as value.
Authentication seems
to happen okay. In the radpostauth, i get an entry for the username, chap
password authentication and access-accept message. The wireless client
connect and get a DCHP ip from a pool in the Mikrotik NAS.
Question: Is it
possible to see which mac addresses/usernames got access-reject messages?
I did take my mac out of the list and couldn't connect, but didn't get any
messages in the radpostauth table.
Also, i'm not
getting any accounting in the accounting table. Do you only get accounting
from making a PPP connection? Or is it possible to do RADIUS MAC
authentication and get accounting detail from the session?
Any help would be
appreciated.
Eldridge
NOTICE: Please note that this eMail, and the contents thereof,
is subject to the standard NMMU eMail disclaimer which may be found at:
<http://www.nmmu.ac.za/disclaimer/email.htm>>
is subject to the standard NMMU eMail disclaimer which may be found at:
<http://www.nmmu.ac.za/disclaimer/email.htm>>
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html