Authenticating MACs and users
Rudolph Bott
r at bott.im
Sat Nov 20 11:26:40 CET 2010
Hi Alan,
ok I'll try to be more specific:
I have all the mac addresses (including the vlan attribute) in my users
file. Can I just put in some user accounts as well and configure my
switches to use the radius server for user authentication?
How do I separate the management-users from my 'fake' mac-address-users?
I don't wont anyone to login to my switches with his mac address :/
On top of that, I might also need a Radius server to authenticate
wireless users against Active Directory but I'll probably use IAS here
(unless its easy to add this feature to the existing freeradius setup as
well).
Basically my question is: how can I separate user requests for different
backends (mac-address-users-file, switch-users-file, active directory
backend) on my radius server. Simply running 3 instances with different
ports/configurations on the same server is probably not the way to go
(is it?)
On 19.11.2010 20:42, Alan DeKok wrote:
> Rudolph Bott wrote:
>> Ah yes, thanks - any hints on how to achieve this? Maybe I'm just using
>> the wrong keywords for searching.
>
> (a) configure user authentication
> (b) configure MAC authentication
>
> There is no real difference between the two, other than the format of
> the User-Name attribute.
>
> If your question was more specific, my answers could be more detailed.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Mit freundlichen Grüßen / With Kind Regards
Rudolph Bott
More information about the Freeradius-Users
mailing list