EAP+PEAP SQL + MAC AUTH?
Ivan Kalik
tnt at kalik.net
Thu Jul 9 20:34:34 CEST 2009
> Hello guys! I was hoping you could help me with something its been
> troubling me the last two days. Im using a freeradius to authtenticate
> users on a WPA-Enterprise enviroment. What i would like to do now is to
> add another layer of security matching the MAC address of the user as well
> the user+password. The user and password thing is working without a
> problem, but i dont quite understand what is the way (or the best way) to
> accomplish the MAC thing.
>
Oddly enough, same as the password thing - add it to radcheck (not
radgroupcheck).
> The questions are then:
>
> For the group to work, should i put another atribute apart from the
> calling-station-id for the check? Like the thing you do for Dynamic VLAN
> assignment...
That won't work. If radgroupcheck item(s) don't match group gets ignored -
user is not rejected.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list