FreeRadius MAC address authorization (no authentication)

Alan DeKok aland at
Fri Aug 8 09:09:32 CEST 2008

Ramot Lubis wrote:
> Yes, I aim not to install hotfix in Windows XP client.

  Good luck.

> My main purpose is to check valid MAC address of every Wireless Device
> (with Windows XP SP2).
> Based on "radiusd -X" log in my previous email, I tried to conclude
> that even in Authorization phase, calling-station-id has been
> validated to be match with MAC address data in SQL db. In this case, I
> don't need further Authentication phase.

  That's not how EAP-TLS works.

> However, I dont know how to configure radius server to ignore
> authentication phase. Is there any idea for me to follow?

  If you only need to do MAC authentication, see MAC authentication
bypass, which is in Cisco switches.

  Alan DeKok.

More information about the Freeradius-Users mailing list