MAC Auth (new problem)

Nataniel Klug nata at cnett.com.br
Tue Dec 16 12:10:52 CET 2008 

Ivan,

Thank you. I will try to think about how can I do this.

tnt at kalik.net escreveu:
> Look, you can make a solution that will work for this specific case. And
> then you get a new AP that sends the mac address with different
> delimiters. Or even worse - no delimiters at all. What then?
>
> Don't go the route that will fail you in the future. Create a solution
> that will work. Every time and with every equipment. That means creating
> additionl user entry where username will be mac address; mac address in
> the database shouldn't have delimiters (both as usernames and ones
> stored as calling station ids in user profile); you should rewrite mac
> adress format(s) matching usernames and calling station ids and strip
> out delimiters from them in hints file. That's what you should do.
>
> Ivan Kalik
> Kalik Informatika ISP
>
> Dana 16/12/2008, "Nataniel Klug" <nata at cnett.com.br> piše:
>
>   
>> Leigh and Ivan,
>>
>> I have a system that works on my WISP and this program is not hackable
>> (economic reasons -- this would cost too much to alter). As I already
>> have all my clients MAC address into radcheck table (as a value for
>> Calling-Station-Id) why can't I use this MAC to authenticate it in my
>> NAS/AP? This is my question. Why can't I look for the MAC in another
>> colum besides "Username" colum? There should be some way cheaper to me...
>>
>> Leigh Martell escreveu:
>>     
>>> I completely agree with you! I am still curious to why adding a user
>>> is not an option though. Hopefully we will be "enlightened" as to why
>>> it is not an option.
>>>
>>> 2008/12/15 <tnt at kalik.net <mailto:tnt at kalik.net>>
>>>
>>>     - hack your radius server?
>>>
>>>     - hack your user admin application?
>>>
>>>     It is credit to the quality and flexibility of Freeradius that messing
>>>     with the radius server comes up as an option at all.
>>>
>>>     Ivan Kalik
>>>     Kalik Informatika ISP
>>>
>>>
>>>       
>> --
>> Att,
>>
>> NATANIEL KLUG
>> nata at cnett.com.br
>>
>> LEIA O DIA-A-DIA DO NATA
>> http://nataklug.blogspot.com/
>>
>> Cyber Nett - Internet Banda Larga
>> www.cnett.com.br
>> (42) 3635-2957
>> Rua Diogo Pinto, 1046, Centro
>> Laranjeiras do Sul - PR
>> Brasil - 85301-290
>>
>> "... também os sábios possuem coraça~o tangível e podem, por vezes, usar da cie^ncia como meio de demonstrar impresso~es sentimentais de que muitos na~o os julgam suscetíveis."
>> Visconde de Taunay
>>
>>
>>
>>     
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>   

-- 
Att,

NATANIEL KLUG
nata at cnett.com.br

LEIA O DIA-A-DIA DO NATA
http://nataklug.blogspot.com/

Cyber Nett - Internet Banda Larga
www.cnett.com.br
(42) 3635-2957
Rua Diogo Pinto, 1046, Centro
Laranjeiras do Sul - PR
Brasil - 85301-290

"... também os sábios possuem coraça~o tangível e podem, por vezes, usar da cie^ncia como meio de demonstrar impresso~es sentimentais de que muitos na~o os julgam suscetíveis."
Visconde de Taunay

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20081216/df7ab483/attachment.html>

More information about the Freeradius-Users mailing list