Hello Eric, two remarks. The first one replies to your question, the second is a comment on your user entry.
1) At the moment I believe that you either have a very old FreeRADIUS installation or that you broke your configuration with regard to the dictonary files. "Atttr-2352-145" is a Redback attribute (Vendor ID 2352) and means "Mac-Addr" (Atrribute ID 145). In my installation (Debian Squeeze, Freeradius 2.1.10) this attribute is already contained in the dictionary files out of the box. Hence, Freeradius should replace all occurences of "Atttr-2352-145" by the more friendly name "Mac-Addr" and one should use that in the user file, too. But if your debug output and your accounting logs show "Atttr-2352-145" instead of "Mac-Addr", then Freeradius does not seem to know this attribute, which means something is broken. 2) For a moment ignore the problem about the unknown attribute "Attr-2352-145". Anyway you must use this attribute (or "Mac-Addr") as a check item not as a reply item and the correct operator is "==" not "=". (See my last mail and http://freeradius.org/radiusd/man/users.html). So it must be on the first line. I also doubt that you want Password = "006060", but Cleartext-Password := "006060" instead. Read http://freeradius.org/radiusd/man/users.html. Matthias PS @ Alan DeKoK: I believe I found the problem, why so many people use "=" instead of the correct operator. The doc (http://freeradius.org/radiusd/man/users.html) says: "Each item in the check or reply item list is an attribute of the form name = value" (2nd paragraph). Perhaps it would be better to write: "Each item in the check or reply item list is an attribute of the form 'name op value'". This would make clear that "op" is not always "=". Am Donnerstag 04 April 2013, 23:07:02 schrieb Mulindwa: > Thanks Mattias, > > I get an error saying; Unknown attribute "Attr-2352-145" > > This is how i have it setup > > > user20001@ut3 Password = "006060", Simultaneous-Use = 1 > Attr-2352-145 = "5c-7d-5e-3f-d0-f7", > Service-Type = Framed-User, > Qos_Policy_Policing = broadband_128_policing, > Qos_Policy_Metering = broadband_128_metering, > Framed-Protocol = PPP, > Ip_Address_Pool_Name = pool_128, > Framed-Address = 255.255.255.254, > Framed-Netmask = 255.255.255.255, > Fall-Through = 0 > > > > Eric M > > > ________________________________ > From: Matthias Nagel <matthias.h.na...@gmail.com> > To: freeradius-users@lists.freeradius.org > Sent: Thursday, April 4, 2013 5:41 PM > Subject: Re: MAC Address Auth > > Hello, > add the correct check item to your user database. In the case below > (User-Name = user2000@ut3) you should have the check item > Attr-2352-145 == "5c-7d-5e-3f-d0-f7" > for this speicifc user in your user database. Then you repeat this for every > user/mac-address pair you want. > Best regards, Matthias > > Am Donnerstag 04 April 2013, 07:25:55 schrieb Mulindwa: > > Great, i have run the debug and i did get the attribute required. > > If i want to full fill the two conditions i.e username/passwd and Mac > > Address = Attr-2352-145 > > > > How would i need to twick my radiusd.conf file to achieve this? > > > > > > > > > > User-Name = "user2000@ut3" > > CHAP-Password = "cccddd'" > > CHAP-Challenge = "mmmm" > > Service-Type = Framed-User > > Framed-Protocol = PPP > > NAS-Identifier = "UT-BRAS-EDGE" > > NAS-IP-Address = x.x.x.x > > NAS-Port = 855649483 > > NAS_Real_Port = 855638816 > > NAS-Port-Type = Virtual > > Attr-87 = "3/3 vlan-id 800 pppoe 11467" > > Medium_Type = 11 > > Attr-2352-145 = "5c-7d-5e-3f-d0-f7" ==== MAC Address > > Attr-2352-98 = "3" > > Attr-2352-112 = "6.2.1.9" > > Acct-Session-Id = "0202FFFF68008FC9-515D8419" > > > > > > Eric M > > > > > > ________________________________ > > From: Mulindwa <meri...@yahoo.com> > > To: Alan DeKok <al...@deployingradius.com>; FreeRadius users mailing list > > <freeradius-users@lists.freeradius.org> > > Sent: Thursday, April 4, 2013 4:58 PM > > Subject: Re: MAC Address Auth > > > > > > Thanks Alan, > > > > Let me do so. > > > > > > Eric M > > > > > > ________________________________ > > From: Alan DeKok <al...@deployingradius.com> > > To: Mulindwa <meri...@yahoo.com>; FreeRadius users mailing list > > <freeradius-users@lists.freeradius.org> > > Sent: Thursday, April 4, 2013 4:47 PM > > Subject: Re: MAC Address Auth > > > > Mulindwa wrote: > > > Hi All, > > > > > > Have been trying to authenticate my ADSL users using Mac Address Auth, > > > however i have failed even after going through the documentation. > > > > > > I want to authenticate with the highlighted, anyone done this and can > > > help? > > > > It's been done. > > > > > This is how the accounting file looks; > > > > If you're trying to debug authentication, it helps to look at > > *authentication* traffic, and not *accounting* data. > > > > And run the server in debugging mode as suggested in the FAQ, "man" > > page, web pages, and daily on this list. > > > > Honestly, there is NO excuse for refusing to do this. > > > > Alan DeKok. > > > > > > > > - > > List info/subscribe/unsubscribe? See > > http://www.freeradius.org/list/users.html > ---------------------------------------------------------------------- > Matthias Nagel > Willy-Andreas-Allee 1, Zimmer 506 > 76131 Karlsruhe > > Telefon: +49-721-8695-1506 > Mobil: +49-151-15998774 > e-Mail: matthias.h.na...@gmail.com > ICQ: 499797758 > Skype: nagmat84 > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ---------------------------------------------------------------------- Matthias Nagel Willy-Andreas-Allee 1, Zimmer 506 76131 Karlsruhe Telefon: +49-721-8695-1506 Mobil: +49-151-15998774 e-Mail: matthias.h.na...@gmail.com ICQ: 499797758 Skype: nagmat84 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
