Two different sources, one with a single value

Martin.Ward at uk.neceur.com Martin.Ward at uk.neceur.com
Tue Sep 13 12:27:59 CEST 2005 

Hi all,

I'm just about getting the hang of FreeRadius now, thanks to the various
emails and stuff that people have been asking, but I've not been able to
find the answer to one particular question.

I have a radius server that will process two types of request:
1. A user name and password login. Currently it's a flat file but I will
change that the use the rlm_unix module in the near future.
2. A MAC address, which is passed in as two attributes, "User-Name=MAC
Address" and "User-Password=MAC Address"

For the MAC address I want a flat file with just the MAC addresses in it. I
have tried using the passwd module and just ignoring the User-Password
attribute like so:

        passwd mac_address {
                filename = /var/mac_addresses
                format = "*User-Name"
        }

but this fails to authenticate even though it gets through the Authorize
section OK:

rad_recv: Access-Request packet from host 172.29.252.228:1026, id=98,
length=160
        NAS-IP-Address = 172.29.252.228
        NAS-Port-Id = "10:2"
        Extreme-Attr-208 = 0x556e6b6e6f776e204c6f636174696f6e
        NAS-Port-Type = Wireless-802.11
        User-Name = "000e359ec2ce"
        User-Password = "000e359ec2ce"
        Calling-Station-Id = "000e359ec2ce"
        Called-Station-Id = "0004960e2e00"
        NAS-Identifier = "Altitude 300"
        Proxy-State = 0x31303a32040436c236c236c236c236c236c236c236c2
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 42
  modcall[authorize]: module "preprocess" returns ok for request 42
radius_xlat:  '/var/log/freeradius/radacct/172.29.252.228
/auth-detail-20050913'
rlm_detail:
/var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /var/log/freeradius/radacct/172.29.252.228/auth-detail-20050913
  modcall[authorize]: module "auth_log" returns ok for request 42
  modcall[authorize]: module "mac_address" returns ok for request 42
modcall: group authorize returns ok for request 42
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [000e359ec2ce/000e359ec2ce] (from client wlan-switch port
0 cli 000e359ec2ce)

Am I simply doing the impossible, or am I missing something obvious
(again)?

|\/|artin
--
Senior Network Administrator, NEC (Europe) Ltd.
Acton extension: 3379
NEC*Net: 800-44-21-3379
Direct: +44 20 8752 3379
Fax: +44 20 8752 3389
Mobile: +44 7721 869 356

More information about the Freeradius-Users mailing list