22 Mar
2023
22 Mar
'23
10:40 a.m.
Is it possible to check mac address of user device when doing standard 802.1x authentication and allow access without doing mac-auth + 802.1x ?. The requirement is to restrict users from connecting from other devices(say BYOD) other than IT approved device allocated to user. When using mac-auth-802.1x, server have no way of knowing which device the user is mapped to and user can connect from any authorised device in the list. Questions, 1, Is there a guide on how to achieve this with mysql integration ?. 2a, Is it recommended to add new columns to include mac-addr in radcheck table ?. 2b, If so, will freeradius automatically check new columns values and do access-accept/reject automatically ?. Any hints will be helpful. Thanks,