MAC authentication using FreeRadius
Max .M
mmourand at gmail.com
Tue Dec 29 08:45:51 CET 2015
Could you give me more details or a link explaining how to achieve this
please ?
I'm new to freeradius and all this, this would be really helpful.
Also, security is not an issue for them, also it's just basic guest access
on a separate network.
Thanks
2015-12-29 2:33 GMT-05:00 Anirudh Malhotra <amalhotra.sp-dl at nkn.in>:
> Hi,
>
> So when you are registering the user you must be keeping the MAC of the
> user, if not, keep it in whatever registering table you are keeping rest of
> the details.
> Then use unlang in authorize section to check calling station id if it
> matches change auth-type to accept.
>
> I wouldn't suggest this though, as MACs can be spoofed easily. The better
> method would be to use encrypted cookies(just like remember my password
> ones) so that the captive portal gets those cookies and lets user log in.
>
> BR,
> Anirudh Malhotra
>
> On 12/29/15 12:54 PM, "Max .M" <mmourand at gmail.com> wrote:
> >
> > Hi,
> >
> > thanks for taking the time to read.
> >
> > When this person that registered will leave the shop and come back 3 days
> > later, I want it to bypass the captive portal. This is why I will
> activate
> > MAC authentication on the access point.
> > I just need a way to tell the access point : if mac adress of MAC auth is
> > in SQL database, then authenticate (bypass captive portal)
> >
> > Thank you,
> >
> > 2015-12-29 2:10 GMT-05:00 Anirudh Malhotra <amalhotra.sp-dl at nkn.in>:
> >
> > > Hi,
> > >
> > > Your question is not very clear.
> > > Presuming that you want to store the MAC's of whoever is connecting
> > > > this is already being done in radacct table
> > > if people are registering they must be connected right? and when they
> are
> > > connected why do you need their MAC address after they are connected
> what
> > > help would that do?
> > >
> > > BR,
> > > Anirudh Malhotra
> > >
> > > On 12/29/15 09:11 AM, "Max .M" <mmourand at gmail.com> wrote:
> > > >
> > > > Hi everyone,
> > > >
> > > > i'm looking in a way to set-up MAC authentication using FreeRadius
> and
> > > > MySQL and any help would be much appreciated :)
> > > >
> > > > I have a scenario where multiple shops will have guest
> authenticating and
> > > > when someone register to their public wi-fi, we want their MAC to be
> > > stored
> > > > in the SQL database and do a check against it using MAC
> authentication on
> > > > the Aruba IAPs.
> > > >
> > > > I guess I need to find a way to capture the Calling-Station-Id and
> store
> > > it
> > > > into a table into the database and then I need to do a check against
> it
> > > for
> > > > every MAC it receives as a "username and password'
> > > >
> > > > Right now I can authenticate to my captive portal using FreeRadius +
> > > MySQL,
> > > > I can also enable MAC auth on my IAP and add a user with my phone's
> MAC
> > > > address as a username and password and it's working.
> > > >
> > > > I'm really looking into a way to automate this :)
> > > >
> > > > Thanks a lot
> > > > -
> > > > List info/subscribe/unsubscribe? See
> > > http://www.freeradius.org/list/users.html
> > > >
> > > -
> > > List info/subscribe/unsubscribe? See
> > > http://www.freeradius.org/list/users.html
> > -
> > List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> >
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list