Add
eric@ut3 Calling-Station-Id == 02:1B:9E:D3:0B:F0
inside radcheck table or inside users file
eric@ut3 Cleartext-Password := "eric", Simultaneous-Use := 1
Calling-Station-Id == 02:1B:9E:D3:0B:F0
Service-Type = Framed-User,
Qos-Policy-Policing = broadband_128_policing,
Qos-Policy-Metering = broadband_128_metering,
Framed-Protocol = PPP,
Ip_Address_Pool_Name = pool_128,
Framed-Address = 255.255.255.254,
Framed-Netmask = 255.255.255.255,
Fall-Through = 0
NOtice the double "=" sign....
On 8.4.2013 13:18, Mulindwa wrote:
Hi good pple, have been reading on how to enforce the attribute of
Mac-Addr and i have not seen it anywhere.
Has anyone done it before, please help throw some light on how i can
achieve this.
I want user eric@ut3 with this Mac Address to log in , and if the MAC
address is different he will not be granted access.
eric@ut3 Cleartext-Password := "eric", Simultaneous-Use := 1
Mac-Addr = 02-1B-9E-D3-0B-F0,
Service-Type = Framed-User,
Qos-Policy-Policing = broadband_128_policing,
Qos-Policy-Metering = broadband_128_metering,
Framed-Protocol = PPP,
Ip_Address_Pool_Name = pool_128,
Framed-Address = 255.255.255.254,
Framed-Netmask = 255.255.255.255,
Fall-Through = 0
Eric M
------------------------------------------------------------------------
*From:* Mulindwa <meri...@yahoo.com>
*To:* FreeRadius users mailing list
<freeradius-users@lists.freeradius.org>
*Sent:* Friday, April 5, 2013 9:07 AM
*Subject:* Re: MAC Address Auth
Thanks Mattias,
I get an error saying; Unknown attribute "Attr-2352-145"
This is how i have it setup
user20001@ut3 Password = "006060", Simultaneous-Use = 1
Attr-2352-145 = "5c-7d-5e-3f-d0-f7",
Service-Type = Framed-User,
Qos_Policy_Policing = broadband_128_policing,
Qos_Policy_Metering = broadband_128_metering,
Framed-Protocol = PPP,
Ip_Address_Pool_Name = pool_128,
Framed-Address = 255.255.255.254,
Framed-Netmask = 255.255.255.255,
Fall-Through = 0
Eric M
------------------------------------------------------------------------
*From:* Matthias Nagel <matthias.h.na...@gmail.com>
*To:* freeradius-users@lists.freeradius.org
*Sent:* Thursday, April 4, 2013 5:41 PM
*Subject:* Re: MAC Address Auth
Hello,
add the correct check item to your user database. In the case below
(User-Name = user2000@ut3) you should have the check item
Attr-2352-145 == "5c-7d-5e-3f-d0-f7"
for this speicifc user in your user database. Then you repeat this for
every user/mac-address pair you want.
Best regards, Matthias
Am Donnerstag 04 April 2013, 07:25:55 schrieb Mulindwa:
> Great, i have run the debug and i did get the attribute required.
> If i want to full fill the two conditions i.e username/passwd and
Mac Address = Attr-2352-145
>
> How would i need to twick my radiusd.conf file to achieve this?
>
>
>
>
> User-Name = "user2000@ut3"
> CHAP-Password = "cccddd'"
> CHAP-Challenge = "mmmm"
> Service-Type = Framed-User
> Framed-Protocol = PPP
> NAS-Identifier = "UT-BRAS-EDGE"
> NAS-IP-Address = x.x.x.x
> NAS-Port = 855649483
> NAS_Real_Port = 855638816
> NAS-Port-Type = Virtual
> Attr-87 = "3/3 vlan-id 800 pppoe 11467"
> Medium_Type = 11
> Attr-2352-145 = "5c-7d-5e-3f-d0-f7" ==== MAC Address
> Attr-2352-98 = "3"
> Attr-2352-112 = "6.2.1.9"
> Acct-Session-Id = "0202FFFF68008FC9-515D8419"
>
>
> Eric M
>
>
> ________________________________
> From: Mulindwa <meri...@yahoo.com <mailto:meri...@yahoo.com>>
> To: Alan DeKok <al...@deployingradius.com
<mailto:al...@deployingradius.com>>; FreeRadius users mailing list
<freeradius-users@lists.freeradius.org
<mailto:freeradius-users@lists.freeradius.org>>
> Sent: Thursday, April 4, 2013 4:58 PM
> Subject: Re: MAC Address Auth
>
>
> Thanks Alan,
>
> Let me do so.
>
>
> Eric M
>
>
> ________________________________
> From: Alan DeKok <al...@deployingradius.com
<mailto:al...@deployingradius.com>>
> To: Mulindwa <meri...@yahoo.com <mailto:meri...@yahoo.com>>;
FreeRadius users mailing list <freeradius-users@lists.freeradius.org
<mailto:freeradius-users@lists.freeradius.org>>
> Sent: Thursday, April 4, 2013 4:47 PM
> Subject: Re: MAC Address Auth
>
> Mulindwa wrote:
> > Hi All,
> >
> > Have been trying to authenticate my ADSL users using Mac Address Auth,
> > however i have failed even after going through the documentation.
> >
> > I want to authenticate with the highlighted, anyone done this and
can help?
>
> It's been done.
>
> > This is how the accounting file looks;
>
> If you're trying to debug authentication, it helps to look at
> *authentication* traffic, and not *accounting* data.
>
> And run the server in debugging mode as suggested in the FAQ, "man"
> page, web pages, and daily on this list.
>
> Honestly, there is NO excuse for refusing to do this.
>
> Alan DeKok.
>
>
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
----------------------------------------------------------------------
Matthias Nagel
Willy-Andreas-Allee 1, Zimmer 506
76131 Karlsruhe
Telefon: +49-721-8695-1506
Mobil: +49-151-15998774
e-Mail: matthias.h.na...@gmail.com <mailto:matthias.h.na...@gmail.com>
ICQ: 499797758
Skype: nagmat84
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
