Hello guys! I was hoping you could help me with something its been troubling me the last two days. Im using a freeradius to authtenticate users on a WPA-Enterprise enviroment. What i would like to do now is to add another layer of security matching the MAC address of the user as well the user+password. The user and password thing is working without a problem, but i dont quite understand what is the way (or the best way) to accomplish the MAC thing.
Oddly enough, same as the password thing - add it to radcheck (not radgroupcheck).
The questions are then:
For the group to work, should i put another atribute apart from the calling-station-id for the check? Like the thing you do for Dynamic VLAN assignment...
That won't work. If radgroupcheck item(s) don't match group gets ignored - user is not rejected. Ivan Kalik Kalik Informatika ISP