Sure no problem...I have made it so it is very easy to see who's mac
belongs to who..
--
-- Table structure for table `MACAUTH`
--
CREATE TABLE IF NOT EXISTS `MACAUTH` (
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`macaddress` varchar(64) NOT NULL,
`SSID` varchar(255) NOT NULL,
`CLIENT
Yeah I missed out a bunch of things, well done for figuring it out .
Would you mind dumping out the schema of your table, and I can add it and the
below snippet to the wiki for future users?
Thanks,
Arran
On May 2, 2011, at 6:51 AM, John Corps wrote:
> wow i totally overlooked that, many thanks
wow i totally overlooked that, many thanks Aaran! I have it setup and
working perfectly! Many many thanks again. The sql was wrong in your
post, missing some quotes or something so the working code was, my
complete authorize section:
authorize {
preprocess
rewrite_calling_station_i
John,
To be honest its probably easier to use SQL xlat then calling the SQL module if
you're just trying to determine whether a mac address is allowed to access an
SSID. SQL module is meant for more complex configurations.
Create a new table with two fields 'ssid' and 'macaddress'
authorize {
Do you have an example of how to accomplish this? I have tried a lot
of things but can't seem to get it to work. I have this in my
authorize section:
authorize {
preprocess
rewrite_calling_station_id
rewrite_called_station_id
sql
sql.authorize
if(notf
On Apr 28, 2011, at 1:13 PM, John Corps wrote:
> Thank you Aaran. It does indeed work. Is there an easy way of
> implementing the same functionality to work with calling the
> SSID.00-11-22-33-44-55 pulling from the radcheck sql table?
Sure, you can use Calling-Station-SSID as a check attribute
Thank you Aaran. It does indeed work. Is there an easy way of
implementing the same functionality to work with calling the
SSID.00-11-22-33-44-55 pulling from the radcheck sql table?
On Thu, Apr 28, 2011 at 3:27 PM, Arran Cudbard-Bell
wrote:
>
> On Apr 28, 2011, at 11:54 AM, John Corps wrote:
>
>
On Apr 28, 2011, at 11:54 AM, John Corps wrote:
> I have done a testing environment with the Mac-Auth section from the
> Wiki. http://wiki.freeradius.org/Mac-Auth
>
> Not to sure what module you would be referring to...only thing I could
> think of is the files module?
Updated the wiki page wit
1 AP with 2 WLAN SSIDs, I want list of macs
>> allowed access to SSID1 but not SSID2 and list of macs allowed access
>> to SSID2 and not SSID1. As far as I can see now it is a global list
>> for mac authentication and will be applied to all SSIDs. I noticed in
>> the "CAL
AP with 2 WLAN SSIDs, I want list of macs
> allowed access to SSID1 but not SSID2 and list of macs allowed access
> to SSID2 and not SSID1. As far as I can see now it is a global list
> for mac authentication and will be applied to all SSIDs. I noticed in
> the "CALLED-STATION-ID i
Just a quick question, hope someone has an answer. Does anyone know
how, or if its even possible, to do mac filtering for multiple
networks? Say I have 1 AP with 2 WLAN SSIDs, I want list of macs
allowed access to SSID1 but not SSID2 and list of macs allowed access
to SSID2 and not SSID1. As far
Rudolph Bott wrote:
> I have all the mac addresses (including the vlan attribute) in my users
> file. Can I just put in some user accounts as well and configure my
> switches to use the radius server for user authentication?
Yes.
> How do I separate the management-users from my 'fake' mac-addre
Hey Alan,
On 20.11.2010 11:26, Rudolph Bott wrote:
Hi Alan,
ok I'll try to be more specific:
I have all the mac addresses (including the vlan attribute) in my users
file. Can I just put in some user accounts as well and configure my
switches to use the radius server for user authentication?
H
Hi Alan,
ok I'll try to be more specific:
I have all the mac addresses (including the vlan attribute) in my users
file. Can I just put in some user accounts as well and configure my
switches to use the radius server for user authentication?
How do I separate the management-users from my 'fak
Rudolph Bott wrote:
> Ah yes, thanks - any hints on how to achieve this? Maybe I'm just using
> the wrong keywords for searching.
(a) configure user authentication
(b) configure MAC authentication
There is no real difference between the two, other than the format of
the User-Name attribute.
Am 19.11.2010 17:01, schrieb Alan DeKok:
Rudolph Bott wrote:
But I would also like to centralize my user accounts for switches and
routers - am I able to do this with the same radius setup?
Yes.
Ah yes, thanks - any hints on how to achieve this? Maybe I'm just using
the wrong keywords fo
Rudolph Bott wrote:
> But I would also like to centralize my user accounts for switches and
> routers - am I able to do this with the same radius setup?
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hey List,
I was just wondering - I have setup a freeradius server (stock packages
on SLES 11, I don't have the exact version athand since I don't have
access to the server right now) which is used for mac-based
authentication with cisco switches - including vlan assignment. This
works as inte
Hi
Ive got a debian router and a switch through which I provide internet
access to some of the residents of my building...I want to implement a
mechanism so that only the computers I specify can access the
Internet...I could do it through squid but if I do so it would allow
me only to restrict tra
Hi
Ive got a debian router and a switch through which I provide internet
access to some of the residents of my building...I want to implement a
mechanism so that only the computers I specify can access the
Internet...I could do it through squid but if I do so it would allow
me only to restrict tra
HelloI\'m trying to log the users MAc address using pppoe and FR + mysqli added AVpair to the users file "calling-station-id" but checkval could not find itenrlm_checkval: Could not find item named Calling-Station-Id in request
rlm_checkval: Could not find attribute named Calling-Station-Id in chec
21 matches
Mail list logo
