Radius MAC filtering with EAP-PEAP
Liran Tal
liran at enginx.com
Wed Feb 27 12:42:29 CET 2008
On Wed, Feb 27, 2008 at 1:19 PM, Era <alexey.eronko at gmail.com> wrote:
> Era wrote:
>
> > Could you please assist me to find my fault. I have test user with
> laptop.
> I
> > want to restrict access for this laptop. In users file I added wrong mac
> > address (00-18-de-4e-8f-11) but laptop still can connect with
> testuser/12345
> > credentials.
>
> Did you read the documentation for the "users" file?
>
> [Era]: Yes I did. But no result.
>
> > Here is my users file:
> >
> > testuser User-Password == "12345"
> > Calling-Station-Id = "00-18-de-4e-8f-11"
>
> What do you think this entry does?
>
> [Era:] I thought that this entry maps user with mac hardware address.
>
>
No that lines means that the user tester/12345 will be granted access and
freeradius will send a Calling-Station-Id attribute reply to the NAS in
return,
which is not what you wanted...
I hope this makes more sense.
Regards,
Liran Tal.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080227/73cec959/attachment.html>
More information about the Freeradius-Users
mailing list