Hey guys,

 

Since I have asked so many questions regarding to this topic I guess you all know my situation very well so I won’t go through the whole thing again and save your time!

 

So I found that if I add a “Default” line at the bottom of the users file, like:

 

DEFAULT                Auth-Type = ntlm_auth

 

The server will always use ntlm for authentication… even I have updated the auth-type to Auth-NHSTB, it doesn’t use it. I have attached both debug files. What should I do if I want a “Default” line in the user file while still use the special authentication that I defined for MAC authentication bypass? Thanks!

 

 

 

Policy.conf:

 

policy {

        …

        rewrite_calling_station_id {

                if(request:Calling-Station-Id =~ /00-A0-08-([0-9A-F]{2})-([[0-9A-F]{2})-([[0-9A-F]{2})/i) {

                        update request {

                                Calling-Station-Id := "00a008%{1}%{2}%{3}"

                        }

                }

                else {

                        noop

                }

        }

}      

 

 

Default:

 

authorize {

            …

rewrite_calling_station_id

if((Service-Type == 'Call-Check') && (User-Name =~ /^%{Calling-Station-ID}$/i)){

                  update control {

                        Auth-Type = 'Auth-NHSTB'

                  }

    }

}

 

authenticate {

                  …

        Auth-Type Auth-NHSTB {

                if(request:User-Name == "%{request:User-Password}") {

                        ok

                }

                else{

                        reject

                }

        }

}

 

 

Guest-tek, Difan Zhao

difan.zhao@guest-tek.com

www.guest-tek.com

Office: 403-509-1010 ext 3048

Cell: 403-689-7514