Two different sources, one with a single value

Þórður Ívarsson toti at skrin.is
Tue Sep 13 15:34:00 CEST 2005


or "Auth-type = mac_address" ?


> -----Original Message-----
> From: Martin.Ward at uk.neceur.com [mailto:Martin.Ward at uk.neceur.com] 
> Sent: 13. september 2005 10:28
> To: FreeRadius users mailing list
> Subject: Two different sources, one with a single value
> 
> 
> Hi all,
> 
> I'm just about getting the hang of FreeRadius now, thanks to 
> the various emails and stuff that people have been asking, 
> but I've not been able to find the answer to one particular question.
> 
> I have a radius server that will process two types of request:
> 1. A user name and password login. Currently it's a flat file 
> but I will change that the use the rlm_unix module in the near future.
> 2. A MAC address, which is passed in as two attributes, 
> "User-Name=MAC Address" and "User-Password=MAC Address"
> 
> For the MAC address I want a flat file with just the MAC 
> addresses in it. I have tried using the passwd module and 
> just ignoring the User-Password attribute like so:
> 
>         passwd mac_address {
>                 filename = /var/mac_addresses
>                 format = "*User-Name"
>         }
> 
> but this fails to authenticate even though it gets through 
> the Authorize section OK:
> 
> rad_recv: Access-Request packet from host 
> 172.29.252.228:1026, id=98, length=160
>         NAS-IP-Address = 172.29.252.228
>         NAS-Port-Id = "10:2"
>         Extreme-Attr-208 = 0x556e6b6e6f776e204c6f636174696f6e
>         NAS-Port-Type = Wireless-802.11
>         User-Name = "000e359ec2ce"
>         User-Password = "000e359ec2ce"
>         Calling-Station-Id = "000e359ec2ce"
>         Called-Station-Id = "0004960e2e00"
>         NAS-Identifier = "Altitude 300"
>         Proxy-State = 0x31303a32040436c236c236c236c236c236c236c236c2
>   Processing the authorize section of radiusd.conf
> modcall: entering group authorize for request 42
>   modcall[authorize]: module "preprocess" returns ok for request 42
> radius_xlat:  '/var/log/freeradius/radacct/172.29.252.228
> /auth-detail-20050913'
> rlm_detail:
> /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
> expands to 
> /var/log/freeradius/radacct/172.29.252.228/auth-detail-20050913
>   modcall[authorize]: module "auth_log" returns ok for request 42
>   modcall[authorize]: module "mac_address" returns ok for request 42
> modcall: group authorize returns ok for request 42
> auth: No authenticate method (Auth-Type) configuration found for the
> request: Rejecting the user
> auth: Failed to validate the user.
> Login incorrect: [000e359ec2ce/000e359ec2ce] (from client 
> wlan-switch port 0 cli 000e359ec2ce)
> 
> Am I simply doing the impossible, or am I missing something 
> obvious (again)?
> 
> |\/|artin
> --
> Senior Network Administrator, NEC (Europe) Ltd.
> Acton extension: 3379
> NEC*Net: 800-44-21-3379
> Direct: +44 20 8752 3379
> Fax: +44 20 8752 3389
> Mobile: +44 7721 869 356
> 
> -
> List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html
> 
> 




More information about the Freeradius-Users mailing list