Jim Rice wrote:
The MikroTik routers can be configured to send a variety of MAC address
formats, the default is XX:XX:XX:XX:XX:XX
Which isn't the format recommended by the RFCs sigh.
It can also be set to include the same MAC address in the Password field,
instead of NULL, but I do not
On Wed, Feb 02, 2011 at 02:00:52PM -0600, Gary Gatten wrote:
On shared medium, I don't *think* dupe macs will cause much problem,
unless maybe a congestion algorithm tweaks traffic to/from that mac. I'm
not an expert in that area, just speaking from experience.
Layer 1
---
I have little
Greetings,
Still a newbie, but getting there... (Alan, do you ever sleep?)
I have been asked to implement MAC authentication for a local service provider
with a Canopy radio network and MikroTik routers. No, really.
I was able to test this and received Accept-Accept after placing the MAC
Jim Rice wrote:
Still a newbie, but getting there... (Alan, do you ever sleep?)
In a word: no.
I have been asked to implement MAC authentication for a local service
provider with a Canopy radio network and MikroTik routers. No, really.
I was able to test this and received
Thanks, Alan.
The MikroTik routers can be configured to send a variety of MAC address
formats, the default is XX:XX:XX:XX:XX:XX
It can also be set to include the same MAC address in the Password field,
instead of NULL, but I do not see any added benefit to that.
but had to set Auth-Type :=
=waddell@lists.freeradius.org] On
Behalf Of Jim Rice
Sent: Wednesday, February 02, 2011 1:15 PM
To: FreeRadius users mailing list
Subject: Re: MAC Authentication - Bad Idea?
Thanks, Alan.
The MikroTik routers can be configured to send a variety of MAC address
formats, the default
Hi,
Do I need to be concerned with MAC spoofing?
of course. theres also the issue that the link-layer is completely open
and unencrypted to any eavedropping/dodgy activity
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
We implemented MAC authentication with netreg at
http://netreg.sourceforge.net. We used DHCP/DNS/HTTP piece from
netreg. It's essence is DHCP/DHS/HTTP on one server.
Basically there will be a vlan we called sandbox with ip
helper-address pointing to sandbox.foo.edu. The DHCP is configured to
On Wed, Feb 02, 2011 at 11:15:13AM -0800, Jim Rice wrote:
Do I need to be concerned with MAC spoofing?
It's easy to do, so it will probably happen; this risk is weighed against
providing a service which is easy for your customers to use.
What happens if two people try to use the same MAC
, February 02, 2011 01:53 PM
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Subject: Re: MAC Authentication - Bad Idea?
On Wed, Feb 02, 2011 at 11:15:13AM -0800, Jim Rice wrote:
Do I need to be concerned with MAC spoofing?
It's easy to do, so it will probably happen
: MAC Authentication - Bad Idea?
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Date: Wednesday, February 2, 2011, 11:32 AM
We implemented MAC authentication
with netreg at
http://netreg.sourceforge.net. We used DHCP/DNS/HTTP
piece from
netreg. It's essence is DHCP/DHS
I think it depends on the OS, if a OS is trusting and accepts everything up
the stack from Layer 2 if the MAC address matches it could start to get
confused and cause all sorts of issues. If the device keeps some kind of state
table for connections and rejects all others there may not be
12 matches
Mail list logo