On Mon, Jan 28, 2013 at 02:17:04PM +0100, François Dagorn wrote:
062f68c7dcc2 Auth-type := Accept, User-Password == "062f68c7dcc2" .....
but now the stations controlled by the new Cisco appears as follows
06:2f:68:c7:dc:c2
Security tab ->AAA -> RADIUS -> Authentication MAC Delimiter can be set to "No delimiter"
So my first idea was to duplicate entries in the authorized file included within my conf, unfortunantely it does not run.
So, is there a simple way to force radiusd to accept different mac address format ?
You can use unlang like the following to 'fix up' the mac addresses: if ("%{request:Called-Station-Id}" =~ /^([0-9a-fA-F]{2}):?([0-9a-fA-F]{2})[:.]?([0-9a-fA-F]{2}):?([0-9a-fA-F]{2})[:.]?([0-9a-fA-F]{2}):?([0-9a-fA-F]{2})$/) { update request { Called-Station-Id := "%{1}%{2}%{3}%{4}%{5}%{6}" } } However - if you're trying to do wireless WPA and EAP with mac based auth, it's not likely to go well...
Sorry if this is a FAQ, of course I've not changed anything within my conf since 2009 !
You should upgrade. There have been security bugs fixed in 2.2.0. Matthew -- Matthew Newton, Ph.D. <mcn4@le.ac.uk> Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <ithelp@le.ac.uk>