<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.10.3">
</HEAD>
<BODY>
Hi!<BR>
<BR>
I'm trying to get a Cisco Aironet 1130 to do MAC authentication with freeradius and a pgsql as backend.<BR>
I Have made my own table in the pgsql witch looks like this:<BR>
radius=> select * from maskiner;<BR>
mid | mnavn | mmac | mpwd | mattr | mop<BR>
-----+--------------+-------------------+------------+-----------+----------+--------+<BR>
9 | 0016cf0157f8 | 0016cf0157f8 | radius | Password | == |<BR>
<BR>
where mnavn is the name of the machine, mmac is the MAC of the machine, mpwd is a password field, mattr is the attribute field, mop is the operator.<BR>
<BR>
I have tried with an Avaya AP, and it works fine.<BR>
Here is the authorize table:<BR>
authorize_check_query = "SELECT mid, mmac, mattr, mpwd, mop \<BR>
FROM maskiner WHERE LOWER(mmac) = LOWER('%{SQL-User-Name}') ORDER BY mid"<BR>
<BR>
Here is the authenticate table:<BR>
authenticate_query = "select mpwd from maskiner where mmac = '%{User-Name}'";<BR>
<BR>
Here is the output from freeradius:<BR>
rad_recv: Access-Request packet from host 192.168.250.28:6001, id=3, length=112<BR>
User-Name = "0016cf0157f8"<BR>
User-Password = "radius"<BR>
NAS-IP-Address = 192.168.250.28<BR>
Called-Station-Id = "00-20-a6-59-ce-93:GandrupII"<BR>
Calling-Station-Id = "00-16-cf-01-57-f8"<BR>
NAS-Port = 0<BR>
rlm_sql (sql): Reserving sql socket id: 4<BR>
rlm_sql_postgresql: query: SELECT mid, mmac, mattr, mpwd, mop FROM maskiner<BR>
WHERE LOWER(mmac) = LOWER('0016cf0157f8') ORDER BY mid<BR>
rlm_sql_postgresql: Status: PGRES_TUPLES_OK<BR>
rlm_sql_postgresql: affected rows =<BR>
rlm_sql (sql): Released sql socket id: 4<BR>
Login OK: [0016cf0157f8/radius] (from client Demo port 0 cli 00-16-cf-01-57-f8)<BR>
Sending Access-Accept of id 3 to 192.168.250.28:6001<BR>
<BR>
Now since the Cisco AP is sending the User-Name and User-Password in another format we have change freeradius configuration.<BR>
Here is the authorize table:<BR>
authorize_check_query = "SELECT mid, mmac, mattr, mmac, mop FROM maskiner \<BR>
WHERE LOWER(mmac) = LOWER('%{SQL-User-Name}') ORDER BY mid"<BR>
<BR>
Here is the authenticate table:<BR>
authenticate_query = "select mmac from maskiner where mmac = '%{User-Name}'";<BR>
<BR>
Here is the output from freeradius:<BR>
rad_recv: Access-Request packet from host 192.168.250.35:1645, id=148, length=115<BR>
User-Name = "0016cf0157f8"<BR>
User-Password = "0016cf0157f8"<BR>
Called-Station-Id = "0017.0f84.8af0"<BR>
Calling-Station-Id = "0016.cf01.57f8"<BR>
Service-Type = Login-User<BR>
NAS-Port-Type = Wireless-802.11<BR>
NAS-Port = 531<BR>
NAS-IP-Address = 192.168.250.35<BR>
NAS-Identifier = "AP-07"<BR>
rlm_sql (sql): Reserving sql socket id: 4<BR>
rlm_sql_postgresql: query: SELECT mid, mmac, mattr, mmac, mop FROM maskiner<BR>
WHERE LOWER(mmac) = LOWER('0016cf0157f8') ORDER BY mid<BR>
rlm_sql_postgresql: Status: PGRES_TUPLES_OK<BR>
rlm_sql_postgresql: affected rows =<BR>
rlm_sql (sql): No matching entry in the database for request from user [0016cf0157f8]<BR>
rlm_sql (sql): Released sql socket id: 4<BR>
Login incorrect: [0016cf0157f8/0016cf0157f8] (from client Demo port 531 cli<BR>
0016.cf01.57f8)<BR>
<BR>
Why won't it work with the Cisco, does it use another dictionary or.... <BR>
<BR>
Any help is appreciated!!<BR>
<BR>
Thanks in advance,<BR>
<BR>
Christoffer <BR>
<BR>
<BR>
<BR>
</BODY>
</HTML>