FreeRadius, MySQL, MAC Authentication w/ Dynamic VLAN

James Taylor jtaylor at fcip.net
Thu Aug 14 10:13:55 CEST 2008


Yes, I think I figured it out.... I just wanted to know if anyone else has run into any crazy issues doing this and if there were any snags I may be aware of.  I attached an example of my theoretical database that I will be implementing in the morning.  We'll see!  Thank you for the quick reply... if anyone else has a comment please feel free to let me know!


#######################################################################
##########################Wired Connections##############################
#######################################################################

#########################RADIUS Table: radcheck############################
ID            UserName          GroupName
1              macaddr              VLAN10

#########################RADIUS Table: radcheck############################
ID            UserName:         Attribute:                            Value:                                   Op:
1              macaddr              User-Password                 macaddr                              ==

#########################RADIUS Table: radreply############################
ID            UserName:         Attribute:                            Value:                                   Op:
1              macaddr              Calling-Station-ID             macaddr-from-sw           ==

#######################RADIUS Table: radgroupreply#########################
ID            GroupName:     Attribute:                                            Value:                                   Op:
1              VLAN10                Tunnel-Type                                      VLAN                                     =
2              VLAN10                Tunnel-Medium-Type                   IEEE-802                               =
3              VLAN10                Tunnel-Private-Group-ID             10                                           =

#######################################################################
##########################Wireless Connections############################
#######################################################################

#########################RADIUS Table: radcheck############################
ID            UserName          GroupName
1              macaddr              VLAN11

#########################RADIUS Table: radcheck############################
ID            UserName:         Attribute:                            Value:                                   Op:
1              macaddr              User-Password                 nas-password                    ==

#########################RADIUS Table: radreply############################
ID            UserName:         Attribute:                            Value:                                   Op:
1              macaddr              Calling-Station-ID             macaddr-from-sw           ==

#######################RADIUS Table: radgroupreply#########################
ID            GroupName:     Attribute:                                            Value:                                   Op:
1              VLAN11                Airespace-Wlan-Id                          wlan-id-on-controller     =
2              VLAN11                Airespace-Interace-name            wlan-interface-name     =
3              VLAN11                Tunnel-Type                                      VLAN                                     =
4              VLAN11                Tunnel-Medium-Type                   IEEE-802                               =
5              VLAN11                Tunnel-Private-Group-ID             11                                           =

James Taylor
FCIP Networks

From: freeradius-users-bounces+jtaylor=fcip.net at lists.freeradius.org [mailto:freeradius-users-bounces+jtaylor=fcip.net at lists.freeradius.org] On Behalf Of Marinko Tarlac
Sent: Thursday, August 14, 2008 12:48 AM
To: FreeRadius users mailing list
Subject: Re: FreeRadius, MySQL, MAC Authentication w/ Dynamic VLAN

http://wiki.freeradius.org/SQL_HOWTO
On Thu, Aug 14, 2008 at 9:42 AM, James Taylor <jtaylor at fcip.net<mailto:jtaylor at fcip.net>> wrote:

Hello everyone!



I am currently tasked with a new project where I have been asked to move our currently working 'users' file into a manageable MySQL DB (we have over 500 user entries so it's understandable). Below you will find a currently working entry from the 'users' file.



Mac-addresss Auth-Type := local, User-Password == "password"

        Calling-Station-ID == "mac-address",

        Airespace-Wlan-Id = 5,

        Airespace-Interface-Name = Wireless WLAN Name,

        Tunnel-Type = VLAN,

        Tunnel-Medium-Type = IEEE:802,

        Tunnel-Private-Group-ID = VLAN-ID



As you can tell this is a wireless user and of course I have the dictionary attributes added (like I said it is currently a working users file) but my question is how to take this information and add it to the MySQL radius.radcheck database?  From what I am seeing the ID is a primary key and must be unique and there is only one attribute field.  I may be asking this incorrectly but, does the DB read the rows starting with the ID 1 being the first user and continue down until the next user entry and return all the rows into Radius for authentication?



If you have any possible pointers it would be greatly appreciated!   Thank you everyone!



James Taylor

FCIP Networks

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080814/6cb4d0d5/attachment.html>


More information about the Freeradius-Users mailing list