Problems regarding MAC address authentication

Alan DeKok aland at deployingradius.com
Tue Feb 13 08:04:04 CET 2007


Shobhit Jindal wrote:
> yeah upgrading is high on my list :)
> 
> rlm_passwd says it provides authorization via files but i need it via LDAP.
> I didnt get much from your reply, here's what am doing presently
> plz suggest how should i proceed.
> 
...
> radiusCallingStationId: 00-90-4B-ED-AB-52

  Please read the documentation and the debug output.  This entry in
LDAP says "send the Calling-Station-Id attribute in the Access-Accept".
 It is documented as doing that, and the debug log shows it's doing that.

  You can't just list things in configurations, and magically expect it
to do what you want.

  If you put the MAC into another field in LDAP, you can query the LDAP
server for that field, and see if it matches the field in the packet.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog



More information about the Freeradius-Users mailing list