Mac-auth. authorized_macs file sintax
Roberto Ortega Ramiro
roberto.ortega at esj.es
Fri Jun 21 19:52:41 CEST 2013
Hi, I have resolv my problem, i have create one user in users file validate
hosts whose mac address are in authorized_macs and i have the users and
passwords in ldap and this is my site-avaible/default file configuration in
the authorize section:
authorized_macs
if (ok) {
update control {
Auth-type := Accept
}
files
}
else {
ldap
if (notfound){
reject
}
}
eap {
ok = return
}
I suppose that is not the most elegance way of make the configuration but
it runs.
Thank you for your help.
2013/6/21 Roberto Ortega Ramiro <roberto.ortega at esj.es>
> I'm not at work now, but.
>
> This wil do that i want:
>
> authorize_macs
> if (ok) {
>
> update control {
> Auth-Type := files
> }
>
> } else {
>
> eap
>
> ldap
>
>
> }
>
>
> Thank you.
>
>
>
> 2013/6/21 Roberto Ortega Ramiro <roberto.ortega at esj.es>
>
>> ¿Is it posible to do a "if sentense" for validate the MAC address in
>> authorized_macs with one user in users file (or other site) and others
>> users can conect with hers user and password?
>>
>> Thank you.
>>
>>
>> 2013/6/21 Matthew Newton <mcn4 at leicester.ac.uk>
>>
>>> On Fri, Jun 21, 2013 at 02:56:57PM +0200, Roberto Ortega Ramiro wrote:
>>> > I'm trying to conect using AEP-TLS one host, and i was using one wrong
>>> user
>>> > and password for connect the host with his mac.
>>> > I have undertand that this is no posible. Right?
>>>
>>> You can do EAP-TLS *and* validate the MAC address. You just can't
>>> authenticate based on the MAC address only if you're doing EAP.
>>>
>>> Matthew
>>>
>>>
>>> --
>>> Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
>>>
>>> Systems Specialist, Infrastructure Services,
>>> I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
>>>
>>> For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
>>> -
>>> List info/subscribe/unsubscribe? See
>>> http://www.freeradius.org/list/users.html
>>>
>>
>>
>>
>> --
>> --
>> Un saludo.
>> ____________________
>>
>> Roberto Ortega
>> Profesor de Informática.
>> http://www.proyectoret.es
>>
>> Escuelas San José Valencia
>> Avd.Cortes Valencianas nº1
>> 46015 Valencia
>> R4600489A
>> Tf:963499011 ext. 262
>> Fax:963488835
>> http://www.escuelassj.com
>>
>> No imprimas este correo si no es necesario. Protejamos el medio ambiente.
>>
>
>
>
> --
> --
> Un saludo.
> ____________________
>
> Roberto Ortega
> Profesor de Informática.
> http://www.proyectoret.es
>
> Escuelas San José Valencia
> Avd.Cortes Valencianas nº1
> 46015 Valencia
> R4600489A
> Tf:963499011 ext. 262
> Fax:963488835
> http://www.escuelassj.com
>
> No imprimas este correo si no es necesario. Protejamos el medio ambiente.
>
--
--
Un saludo.
____________________
Roberto Ortega
Profesor de Informática.
http://www.proyectoret.es
Escuelas San José Valencia
Avd.Cortes Valencianas nº1
46015 Valencia
R4600489A
Tf:963499011 ext. 262
Fax:963488835
http://www.escuelassj.com
No imprimas este correo si no es necesario. Protejamos el medio ambiente.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130621/1862af1b/attachment-0001.html>
More information about the Freeradius-Users
mailing list