Question: How do I forcibly accept all rest requests??

Difan Zhao difan.zhao at guest-tek.com
Tue Mar 30 21:11:38 CEST 2010


Good afternoon guys!

I am running version 2.1.6. The server is currently doing 802.1x authentication for network devices. Some devices are PCs and users use their Windows domain user/password to login. The rest are special network equipments and I use "MAC address authentication bypass" to authenticate them.

Now I have a dilemma that I need to make all other devices (guest devices from out of my company) to be authenticated as well...

Currently if these devices (usually laptop running Windows XP) support 802.1x, they will fail and they will be put in an Auth-failed VLAN. The VLAN itself is fine and they can do whatever they want on this VLAN. However it's just that annoying icon on their laptops. It pops up from time to time to notify users that they failed authentication and even prompted for username and password if configured to do so...

So I want to make all rest devices to be authenticated. It will be even better if I can assign them to a specific VLAN. I was reading ./sites-avaliable/default and I found that "forcibly accept the user (Auth-Type := Accept)". Where do I put it? I tried:

post-auth {
		Post-Auth-Type REJECT {
#            	attr_filter.access_reject
			Auth-Type := Accept
        	}
}

And obviously it's not working... Any ideas how I should configure it? Thank you!
 
Difan Zhao
Network Engineer
difan.zhao at guest-tek.com
www.guest-tek.com
Office: 403-509-1010 ext 3048
Cell: 403-689-7514
 





More information about the Freeradius-Users mailing list