Hi,
I also tried MAC based authentication. Users can logged in successfully but
if some others users know the MAC he can also connect. How to check MAC
against CLI. Any help
Best regards,
Fazal
----- Original Message -----
From: "Teguh Kurniawan" <teguhkurniawanwij...@gmail.com>
To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org>
Sent: Tuesday, March 16, 2010 1:52 AM
Subject: Re: Mac Auth with MySQL
On Tue, Mar 16, 2010 at 2:33 AM, Alan Buxey <a.l.m.bu...@lboro.ac.uk>
wrote:
Hi,
I'll try to make Mac Authentication with MySQL backend. But I always
rejected.
Mac Authentication only works if I add like the following lines into
the /etc/raddb/users.
90:4 C: E5: 6C: 7E: B6 Auth-Type: = Accept
I use OpenBSD 4.6, FreeRadius 2.1.3 and MySQL 5.0.83.
What should I do, to make it work with MySQL ?
very easy. just set the username to the MAC address and set the value of
the
clear text password to be the MAC address to. i dont know WHY you've set
the
value to 'testpwd' - when you use MAC authentication, then the password
is the MAC. ie
Database changed
mysql> select * from radcheck;
+----+-------------------+-----------+----+---------+
| id | username | attribute | op | value |
+----+-------------------+-----------+----+---------+
| 2 | 90:4C:E5:6C:7E:B6 | Password | == | testpwd |
+----+-------------------+-----------+----+---------+
nope. use this
id username attribute op value
10 90:4C:E5:6C:7E:B6 Cleartext-Password := 90:4C:E5:6C:7E:B6
Tue Mar 16 00:40:41 2010 : Debug: WARNING: Are you sure you don't mean
Cleartext-Password?
see that hint?
if your kit doesnt transmit the correct details in the RADIUS - ie it
doesnt
transmit the MAC as the password, then you'll have to set the Accept..but
that
can also be done in the SQL! eg
id username attribute op value
11 90:4C:E5:6C:7E:B6 Auth-Type := Accept
it work's. Thank's
alan
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html