<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: Verdana; font-size: 10pt; color: #3366FF'>Hi Tim -<br><br>Thanks Tim, that worked, although is that up to each AP manf as to what it sends? I have HP420s. I changed the password field to match the MAC and it authenticated (I think), but I didn't get an IP. The 420 I'm using hands out an IP fine when I turn off the MAC auth and have it wide open, so it's talking to my DHCP server fine.<br><br>Any more ideas would be greatly appreciated!<br><br>Thx - Steve<br><br>Waking up in 6 seconds...<br>rad_recv: Accounting-Request packet from host 10.10.18.241:9000, id=4, length=138<br> Acct-Delay-Time = 0<br> NAS-Identifier = "Enterprise AP"<br> User-Name = "000e35-84610a"<br> Acct-Status-Type = Start<br> Acct-Session-Id = "000e35-84a0414e5"<br> Acct-Authentic = RADIUS<br> NAS-IP-Address = 10.10.18.241<br> NAS-Port = 1<br> NAS-Port-Type = Wireless-802.11<br> Calling-Station-Id = "000e3584610a"<br> Called-Station-Id = "001321ad8e4e"<br> Service-Type = Framed-User<br> Processing the preacct section of radiusd.conf<br>modcall: entering group preacct for request 1<br> modcall[preacct]: module "preprocess" returns noop for request 1<br>rlm_acct_unique: Hashing 'NAS-Port = 1,Client-IP-Address = 10.10.18.241,NAS-IP-Address = 10.10.18.241,Acct-Session-Id = "000e35-84a0414e5",User-Name = "000e35-84610a"'<br>rlm_acct_unique: Acct-Unique-Session-ID = "3107f7faaae62984".<br> modcall[preacct]: module "acct_unique" returns ok for request 1<br> rlm_realm: No '@' in User-Name = "000e35-84610a", looking up realm NULL<br> rlm_realm: No such realm "NULL"<br> modcall[preacct]: module "suffix" returns noop for request 1<br> modcall[preacct]: module "files" returns noop for request 1<br>modcall: leaving group preacct (returns ok) for request 1<br> Processing the accounting section of radiusd.conf<br>modcall: entering group accounting for request 1<br>radius_xlat: '/var/log/freeradius/radacct/10.10.18.241/detail-20090508'<br>rlm_detail: /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/freeradius/radacct/10.10.18.241/detail-20090508<br> modcall[accounting]: module "detail" returns ok for request 1<br> modcall[accounting]: module "unix" returns ok for request 1<br>radius_xlat: '/var/log/freeradius/radutmp'<br>radius_xlat: '000e35-84610a'<br> modcall[accounting]: module "radutmp" returns ok for request 1<br>modcall: leaving group accounting (returns ok) for request 1<br>Sending Accounting-Response of id 4 to 10.10.18.241 port 9000<br>Finished request 1<br><br><br>----- Original Message -----<br>From: "Tim Sylvester" <tim.sylvester@networkradius.com><br>To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org><br>Sent: Friday, May 8, 2009 11:42:29 AM GMT -05:00 US/Canada Eastern<br>Subject: RE: FR Using MAC Authentication<br><br>
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="Section1">
<p class="MsoNormal"><span style="font-size: 11pt; font-family: "Calibri","sans-serif"; color: rgb(31, 73, 125);">Steve,</span></p>
<p class="MsoNormal"><span style="font-size: 11pt; font-family: "Calibri","sans-serif"; color: rgb(31, 73, 125);"> </span></p>
<p class="MsoNormal"><span style="font-size: 11pt; font-family: "Calibri","sans-serif"; color: rgb(31, 73, 125);">Your wireless access point is sending the MAC address as the
username and password. Change the username and password in the users file and
the authentication will work.</span></p>
<p class="MsoNormal"><span style="font-size: 11pt; font-family: "Calibri","sans-serif"; color: rgb(31, 73, 125);"> </span></p>
<p class="MsoNormal"><span style="font-size: 10pt; font-family: "Verdana","sans-serif"; color: rgb(51, 102, 255);">rad_recv: Access-Request packet from host 10.10.18.241:2160,
id=7, length=53<br>
User-Name =
"00215c-08b25d" <--- This came from the wireless access
point<br>
User-Password =
"00215c-08b25d" <--- This came from the wireless access point<br>
<br>
</span></p>
<p class="MsoNormal"><span style="font-size: 10pt; font-family: "Verdana","sans-serif"; color: rgb(51, 102, 255);"> </span></p>
<p class="MsoNormal"><span style="font-size: 10pt; font-family: "Verdana","sans-serif"; color: rgb(51, 102, 255);">Tim</span><span style="font-size: 11pt; font-family: "Calibri","sans-serif"; color: rgb(31, 73, 125);"></span></p>
<p class="MsoNormal"><span style="font-size: 11pt; font-family: "Calibri","sans-serif"; color: rgb(31, 73, 125);"> </span></p>
<div>
<div style="border-style: solid none none; border-color: rgb(181, 196, 223) -moz-use-text-color -moz-use-text-color; border-width: 1pt medium medium; padding: 3pt 0in 0in;">
<p class="MsoNormal"><b><span style="font-size: 10pt; font-family: "Tahoma","sans-serif";">From:</span></b><span style="font-size: 10pt; font-family: "Tahoma","sans-serif";">
freeradius-users-bounces+tim.sylvester=networkradius.com@lists.freeradius.org
[mailto:freeradius-users-bounces+tim.sylvester=networkradius.com@lists.freeradius.org]
<b>On Behalf Of </b>Steve Wu<br>
<b>Sent:</b> Friday, May 08, 2009 8:35 AM<br>
<b>To:</b> freeradius-users@lists.freeradius.org<br>
<b>Subject:</b> FR Using MAC Authentication</span></p>
</div>
</div>
<p class="MsoNormal"> </p>
<div>
<p class="MsoNormal" style="margin-bottom: 12pt;"><span style="font-size: 10pt; font-family: "Verdana","sans-serif"; color: rgb(51, 102, 255);">Hi -<br>
<br>
I have just started tinkering with Freeradius, I built an Ubuntu 8.10 server
box and installed FR --> sudo apt-get install freeradius*. It installed in a
breeze and tested fine. I have setup a HP420 AP for testing, it's chattering
with the FR box fine (I think).<br>
<br>
I want my wireless clients to do MAC authentication via the FR box. I have
setup my users file to auth two of my test laptops:<br>
<br>
000E35-84610A Auth-Type := Local, User-Password == "esradius"<br>
00215C-08B25D Auth-Type := Local, User-Password == "esradius"<br>
<br>
When either tries to connect up, in the FR debug I see:<br>
<br>
rad_recv: Access-Request packet from host 10.10.18.241:2160, id=7, length=53<br>
User-Name =
"00215c-08b25d"<br>
User-Password =
"00215c-08b25d"<br>
Processing the authorize section of radiusd.conf<br>
<br>
The authentication eventually fails:<br>
<br>
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.<br>
<br>
Why is the User-Password the MAC address and not what is specified in the users
file? I have only tweaked the users and clients.conf files.<br>
<br>
Just simple MAC authentication, that's all I want at this point.<br>
<br>
Thanks in advance!<br>
<br>
- Steve<br>
<br>
<br>
</span></p>
</div>
</div>
<br>-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html</div></body></html>