FreeRadius MAC address authorization (no authentication)
Ramot Lubis
ramot.lubis at gmail.com
Fri Aug 8 04:26:48 CEST 2008
Hi, I'm trying to implement FreeRadius to authenticate Wireless
CLient based on MAC address only, unfortunately all my wireless client
using EAP/TLS (Windows XP SP2) . I found that tutorials and doc are
not leading me to the right direction. Besides, I will not burden my
Windows XP SP2 client to search hotfix for EAP/TLS compatibility with
FreeRadius.
After digging more, I realize that Authorization using checkval module
is enough to verified valid MAC address from Wireless Client. But my
question is how can I use only Authorization where Authentication will
always return Access-Accept.
Here is my radiusd -X output:
Ready to process requests.
rad_recv: Access-Request packet from host 10.0.0.2 port 1027, id=183, length=199
User-Name = "PIDEL-3C5B30E9C\\Administrator"
NAS-IP-Address = 10.0.0.2
NAS-Port = 0
Called-Station-Id = "00-1E-E5-9D-61-85:DEL_LR1"
Calling-Station-Id = "00-21-00-0B-68-E3"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message =
0x0201002201504944454c2d3343354233304539435c41646d696e6973747261746f72
Message-Authenticator = 0x891b437263cd48909255484bb081c823
+- entering group authorize
++[preprocess] returns ok
....
....
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
rlm_checkval: Item Name: Calling-Station-Id, Value: 00-21-00-0B-68-E3
rlm_checkval: Value Name: Calling-Station-Id, Value: 00-21-00-0B-68-E3
++[checkval] returns ok
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
Sending Access-Reject of id 183 to 10.0.0.2 port 1027
Finished request 0.
Thanks in advance.
Ramot Lubis.
More information about the Freeradius-Users
mailing list