hi
finally, i installed freeradius and mysql .and i add users.
Now i'm working whith daloradius.
first, i add other user by daloradius and now i add MAC Address Authentication.
I know i may do radtest user password ip-adress port secret to test a serin my
radius . but i want to know h
ar/log/radius/radius-MAC/radacct/reply-detail-20070829
> modcall[post-auth]: module "reply_log" returns ok for request 2
> modcall: group post-auth returns ok for request 2
> Sending Access-Accept of id 39 to 192.168.214.99:1645
> Service-Type = Framed-User
>
is transaction is repeated over and over and over again.
I have also tried commenting out all instances of "eap" from radiusd.conf,
hoping
to do non-wep mac address authentication, as a list effort. I then remove
WEP support from the supplicant and Cisco AP. While freeradius re
Thank you Alan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
g] On Behalf Of Alan DeKok
Sent: Wednesday, June 27, 2007 9:46 AM
To: FreeRadius users mailing list
Subject: Re: Version 1.1.6 - Mac Address Authentication/vlan tagging
Brian Ertel wrote:
> Which file
Brian Ertel wrote:
> Which file do I need to modify to assign vlan tags to unknown mac
> addresses?
The "users" file. You have to tell the server to accept the request,
and then assign the RADIUS attributes that put it into a VLAN.
See your NAS documentation for how to assign VLANs.
Alan
- Mac Address Authentication/vlan tagging
Brian Ertel wrote:
> I wasn't able to find an answer to this on the archives. Now, here is
> the set up: Freeradius Ver. 1.1.6 on centOS V.5. I am testing a Cisco
> 2000 Series Wireless LAN Controller and am trying to figure out a way
to
nt: Sat 6/23/2007 2:51 AM
To: FreeRadius users mailing list
Subject: Re: Version 1.1.6 - Mac Address Authentication/vlan tagging
Brian Ertel wrote:
> I wasn't able to find an answer to this on the archives. Now, here is
> the set up: Freeradius Ver. 1.1.6 on centOS V.5. I am testin
Brian Ertel wrote:
> I wasn't able to find an answer to this on the archives. Now, here is
> the set up: Freeradius Ver. 1.1.6 on centOS V.5. I am testing a Cisco
> 2000 Series Wireless LAN Controller and am trying to figure out a way to
> put unknown users (via their MAC Address) into a limited
Hello all,
I wasn't able to find an answer to this on the archives. Now, here is
the set up: Freeradius Ver. 1.1.6 on centOS V.5. I am testing a Cisco
2000 Series Wireless LAN Controller and am trying to figure out a way to
put unknown users (via their MAC Address) into a limited access vlan.
So
Hi list,
Plz explain the overview of how to enable mac address based authentication
where all the three parameters (uid, userPassword and radiusCallingStationId
are matched from the ldap database)..
at presently am able to do uid + userPassword successfully from openldap
database
--
Registerd
ldap queries are working fine, below is the log..
Plz just explain the overview of how to enable mac address based
authentication where all the three parameters (uid, userPassword and
radiusCallingStationId are matched from the ldap database)..
PS: A paper presentation contest is to begin from t
Shobhit Jindal wrote:
> how to implement the above?(this is the question that eludes me)
>
> PS: i would really like to know why filtering the ldap database using
> uid works and fails while using radiusCallingStationId
See your LDAP documentation.
Run LDAP queries by hand until you get the
On 2/13/07, Alan DeKok <[EMAIL PROTECTED]> wrote:
> radiusCallingStationId: 00-90-4B-ED-AB-52
Please read the documentation and the debug output. This entry in
LDAP says "send the Calling-Station-Id attribute in the Access-Accept".
It is documented as doing that, and the debug log shows it's
Shobhit Jindal wrote:
> yeah upgrading is high on my list :)
>
> rlm_passwd says it provides authorization via files but i need it via LDAP.
> I didnt get much from your reply, here's what am doing presently
> plz suggest how should i proceed.
>
...
> radiusCallingStationId: 00-90-4B-ED-AB-52
yeah upgrading is high on my list :)
rlm_passwd says it provides authorization via files but i need it via LDAP.
I didnt get much from your reply, here's what am doing presently
plz suggest how should i proceed.
Shobhit Jindal wrote:
> am using freeradius 1.0.1 with openldap 2.2.13 at its backend on CentOS 4.4
You should really upgrade. See http://freeradius.org/security.html
> its repeatedly mentioned on mailling lists that MAC authentication is
> possible but i cant figure out how to do so
For w
lists am
able to do username/password authentication successfully using PEAP but am
unable to get MAC authentication working and have run out of my wits
myself had followed the tutorial on
http://vuksan.com/linux/dot1x/802-1x-LDAP.html
which worked great but am stuck on MAC address authentication
lists am
able to do username/password authentication successfully using PEAP but am
unable to get MAC authentication working and have run out of my wits
myself had followed the tutorial on
http://vuksan.com/linux/dot1x/802-1x-LDAP.html which worked great but am
stuck on MAC address authentication
: Friday, January 05, 2007 2:06 PM
To: freeradius-users@lists.freeradius.org
Subject: Mac-Address authentication
Hi
I m running a radius server. Can anybody guide me to authentication based on
userid+password+mac-address. What should be the entries in /etc/raddb/users
file.
Thanks
Harish
-
List
Quoting Harish Sharma <[EMAIL PROTECTED]>:
> Hi
>
> I m running a radius server. Can anybody guide me to authentication based on
> userid+password+mac-address. What should be the entries in /etc/raddb/users
> file.
bobd Calling-Station-Id != "00-00-4A-35-28-00", Auth-Type := Reject
bobd User
Hi
I m running a radius server. Can anybody guide me to authentication based on
userid+password+mac-address. What should be the entries in /etc/raddb/users
file.
Thanks
Harish
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi everyone,
I read through some of threads about
using MAC address authentication, but the issue still wasn’t solved. I am
new to this field, and I want to implement a FreeRadius server to communicate
with Cisco Aironet 1200 Access Point using
MAC address authentication method
Tel/Fax: +54 (291) 456-5642
[EMAIL PROTECTED]
http://www.desetech.com.ar
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
On Behalf Of Carlos Rosero
Sent: Wednesday, July 12, 2006
1:39 PM
To: 'FreeRadius users mailing
list'
Subject: RE: freeradius with mac
address auth
7;
Subject: RE: freeradius with mac
address authentication
I have an example with
“users” file (plain text)
it serves to you?
Germán P. Santillán
Administrador de Redes
Responsable Dpto. Técnico
DESETech Argentina S.A.
San Martín 133 - CP: B8000FIC
Bahía Blanca - Argentina
Tel/Fax
://www.desetech.com.ar
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
On Behalf Of Carlos Rosero
Sent: Tuesday, July 11, 2006 7:33
PM
To: freeradius-users@lists.freeradius.org
Subject: freeradius with mac
address authentication
Hi, I am new in this, I am looking for a tutorial
Hi, I am new in this, I am looking for a tutorial that let
me know how to configure freeradius with mac address authentication.
Thanks,
Carlos Rosero S.
www.uaa.edu
787-834-9595 x2203
[EMAIL PROTECTED]
--
This message has been scanned for viruses and
dangerous content
thanks for your help, i'll try this asap and provide feedback.
2006/4/12, brainstorm <[EMAIL PROTECTED]>:
> Solved the problem a couple of weeks ago... the error was actually in
> eap.conf, the following two attributes were required when the MAC
> check was active:
>
> peap: copy_request_to_tunnel
Solved the problem a couple of weeks ago... the error was actually in
eap.conf, the following two attributes were required when the MAC
check was active:
peap: copy_request_to_tunnel = no
peap: use_tunneled_reply = no
I set them both to yes and it worked !
Thanks for your support.
>
> Hmm. I st
brainstorm wrote:
I've tried your recommendations but it does not work as expected:
using "Reject" as rlm_passwd's "authtype" (as you suggested), the user
is always rejected, even when the MAC is in the file and is actually
found:
Yes sorry, that was wrong. Clearly "authtype = Reject" will fail
I've tried your recommendations but it does not work as expected:
using "Reject" as rlm_passwd's "authtype" (as you suggested), the user
is always rejected, even when the MAC is in the file and is actually
found:
modcall[authorize]: module "MAC-IP" returns ok for request 0
Furthermore, if I chang
>
> Please read the docs. This comments right above the "passwd" module in
> the default config are VERY SPECIFIC. The format is:
>
> format = "*Key-Value:~Request-Value:=Reply-Value:Configure-Value"
>
> That is, the radius attribute "Key-Value" is the first field.
> Request-Value (prefix ~) will b
brainstorm wrote:
I'm trying to implement a similar scenario: I am using PEAP, and I
want to check if a given mac is in my database. In my case, the MACs
file looks like this:
0030.0996.CF52:192.168.12.1
I would like to match the first field (MAC) with the NAS
"Calling-Station-Id" attribute, if
I'm trying to implement a similar scenario: I am using PEAP, and I
want to check if a given mac is in my database. In my case, the MACs
file looks like this:
0030.0996.CF52:192.168.12.1
I would like to match the first field (MAC) with the NAS
"Calling-Station-Id" attribute, if this check fails, I
Guillaume <[EMAIL PROTECTED]> wrote:
> ok, if i understand the manpage of dictionary & rlm_passwd, i have to
> add this line in:
> ##Dictionary file##
> ATTRIBUTEmac-address 3001 string
Why? That attribute won't ever appear in a packet.
You have to use an attribute that w
2006/3/3, Alan DeKok <[EMAIL PROTECTED]>:
> Guillaume <[EMAIL PROTECTED]> wrote:
> > I try to set a mac authentication and a certificates based
> > authentication, but in the freeradius.cnf i dont find any entry for
> > loading a list of authorised MAC address.
>
> That's because the server doesn
Guillaume <[EMAIL PROTECTED]> wrote:
> I try to set a mac authentication and a certificates based
> authentication, but in the freeradius.cnf i dont find any entry for
> loading a list of authorised MAC address.
That's because the server doesn't come pre-configured to run on your
local system.
Hi guys!
I recently install a freeradius for test purpose in a WiFi
environement. But, i still a a problem, and I hope that you will be
able to help me. The radius server version is: 1.0.4.
I try to set a mac authentication and a certificates based
authentication, but in the freeradius.cnf i dont
I have linux fedora 3 and one lan
wifi.
I need to install a server freeradius for mac address authentication (only,
without certificates).
You can help me to configure the server
Thank you
_
¿Estás pensando en cambiar de coche
Hi,
> * 20 hotspots with a Linksys AP and a modified firmware (OpenWRT) and maybe
> chilispot.
> * Freeradius server
> * apache2 webserver
> * free-HS (SSID)
>
> The objective is to have some free hotspots on a certain area and the user,
> as
> soon as he chooses free-HS network, will be redir
Hi there, I'm sorry if this questions was already answered but I searched all
day today and didn't come up with anything usefull for this situation.
This is what I need.
There will be:
* 20 hotspots with a Linksys AP and a modified firmware (OpenWRT) and maybe
chilispot.
* Freeradius server
*
Yes, but I want the filter to work when the user's account expire (and
freeradius shouldnt reject expired account)
I am not sure if I was clear in my question, or?
Jason Peterson wrote:
You will want something like this in your /usr/local/etc/raddb/users file.
testuser Auth-Type :=
You will want something like this in your /usr/local/etc/raddb/users file.
testuser Auth-Type := Local, User-Password == "testuser",
Calling-Station-Id == "00-20-A6-4D-10-33"
Session-Timeout = 600,
Trapeze-VLAN-Name = "corp",
See Attribute Calling-Station-ID. I use CISCO 7200
router, and it sends us the user's MAC address into
this attribute.
Look at your FreeRADIUS logs to see if it is enclosed
into AccessRequest.
Geoffroy
--- Burak Sarrafi <[EMAIL PROTECTED]> a écrit :
> Hi all,
>
> I've a single and simple quest
Hi all,
I've a single and simple question. I hope u can help me.
I'm using Freeradiud and Cisco Cat series switch. I've done the
configuration between freeradios and switch.
Now using username & password auth. everythings is ok. But I want to
check client's macaddress at radius server. Username
Hello List! I'm implementing a AAA system for cable internet using docsis
modem using Cisco based CMTS. Client authentication via PPPOE works but I
also need to authenticate via MAC address in the users computer aside from
username and password. any suggestions on how to do this?
-
List info/s
45 matches
Mail list logo