I have a working set up using wpa2 with freeradius and ldap. I need to set up host authentication instead of user authentication. I am using LAM to manage ldap and have added a couple host accounts, but I keep getting a login page from the hotspot. The problem could be a config issue on any device, but I am curious if there is a config change I need to make on freeradius to accommodate passing mac addresses to ldap rather than user credentials? (I want to use ldap for authentication instead of adding the host info to the config of freeradius.) Raymond
Raymond Norton wrote:
I have a working set up using wpa2 with freeradius and ldap. I need to set up host authentication instead of user authentication. I am using LAM to manage ldap and have added a couple host accounts, but I keep getting a login page from the hotspot. The problem could be a config issue on any device, but I am curious if there is a config change I need to make on freeradius to accommodate passing mac addresses to ldap rather than user credentials?
Edit the file raddb/modules/ldap Alan DeKok.
I am attempting to edit the ldap module to pass the mac address from the wireless client as the user. I have changed the basedn, but not sure how to change the "filter". Here is what I have : ldap { # # Note that this needs to match the name in the LDAP # server certificate, if you're using ldaps. server = "localhost" #identity = "cn=admin,o=My Org,c=UA" #password = mypass basedn = "ou=machines,dc=isd2190,dc=org" filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})" I would like to run radtest against the mac address too, so I can be sure things are working before adding in the wireless AP. It is erring out because I am not using a password ??? Raymond
participants (2)
-
Alan DeKok -
Raymond Norton