Radius MAC filtering with EAP-PEAP

Era alexey.eronko at gmail.com
Wed Feb 27 12:19:55 CET 2008


Era wrote:

> Could you please assist me to find my fault. I have test user with laptop.
I
> want to restrict access for this laptop. In users file I added wrong mac
> address (00-18-de-4e-8f-11) but laptop still can connect with
testuser/12345
> credentials.

  Did you read the documentation for the "users" file?

 [Era]: Yes I did. But no result.

> Here is my users file:
>
> testuser User-Password == "12345"
>          Calling-Station-Id = "00-18-de-4e-8f-11"

  What do you think this entry does?

 [Era:]  I thought that this entry maps user with mac hardware address.

> Here is my checkval config:

  I don't think you need to use the "checkval" module.

[Era:]  I'm using 1.1.7 on debian.

Please don't judge me hard. I didn't find any howto or manual about mac
filtering feature in freeradius doc.
I found howto about eap-peap and setup it thought ldap. Because of that I
ask these stupid questions.
Where can I find this howto ?

  In 2.0, you can just write the logic you want in "unlang".

  Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list