usename + password + MAC address

Hilton Guaraldi guaraldi at
Fri Sep 11 06:29:06 CEST 2009

Putting my head in the right place... :-)

May I insert in the radcheck table for user guaraldi, password
mudar123, MAC 00-18-E7-41-AD-C2 the following lines???

1    DEFAULT              Fall-Through                   =
2    guaraldi                 Cleartext-Password        :=            mudar123
3    guaraldi                 Calling-Station-Id            ==
4    guaraldi                 Simultaneous-Use          :=            1

And set in the peap section of eap.conf file:    copy_request_to_tunnel  = yes
Is this correct????????????


To: "FreeRadius users mailing list" <freeradius-users at>
Subject: Re: MAC auth won't work with SQL
From: <tnt at>
Date: Tue, 31 Mar 2009 22:11:12 +0100
Bounce-to: <tnt at>
In-reply-to: <001e01c9b23c$bab0f170$3012d450$@com>
Reply-to: FreeRadius users mailing list <freeradius-users at>


>Hi, I've setup two different Linux machines with FR and still can't get MAC
>authentication working with Calling-Station-Id in the radchk table. I've
>checked FAQ and have googled for hours. I've tried a hosted and local mySQL

If you only bothered looking at debug and configuration files for the
authentication method you are using. Outer request:

>rad_recv: Access-Request packet from host port 41576, id=191,
>        Calling-Station-Id = "00-1C-B3-B1-3E-07"

has that attribute in it, and inner request (user is authenticated in
inner tunnel):

>Sending tunneled request
>        EAP-Message =
>        FreeRADIUS-Proxied-To =
>        User-Name = "egeier at skynets"
>        State = 0x8433f2b7845fe8463016d60fe5b8c67e

.. doesn't! You have a setting copy_request_to_tunnel in peap section
of eap.conf. Enable it.

Ivan Kalik
Kalik Informatika ISP

> 2009/9/7 Ivan Kalik <tnt at>:
>>> On a Radius version 2.x, we would like to tie an user to a MAC address.
>>> The auth key would then be the username, password and MAC address
>>> (Calling Station ID).
>>> Where is the right place to do that?
>>> - On the freeRadius? (any hint, please?)
>>> - In the PGSQL behind? (using some FUNCTION, I have an idea of that)
>> If you are using postgre to store user data - then radcheck table (one
>> entry for password and one for Calling-Station-Id).
>> Ivan Kalik
>> Kalik Informatika ISP
>> -
>> List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list