[authorized_macs.authorize] returns noop

Phil Mayers p.mayers at imperial.ac.uk
Thu Jan 6 15:17:43 CET 2011


On 06/01/11 12:48, Nagaraj Panyam wrote:
> Dear experts,
>
> I setup mac_auth as in the freeradius wiki and its not working, am
> unable to debug further.

Hmm. This:

http://wiki.freeradius.org/index.php?title=Mac-Auth

...seems like it's a bit... over-engineered? if () unlang statements in 
the "authenticate" section and calling a module .authorize method in 
post-auth don't seem necessary?

Anyone who wrote the page, and why it uses that method?


> requesting for help!
> It correctly sets Auth-Type to CSID. but authorized_macs.authorize]
> returns noop
> I have pasted debug output and the relevant files below.
>
> ## Debug output of radiusd:
>
> rad_recv: Access-Request packet from host 158.144.55.107 port 3072,
> id=62, length=175
>          User-Name = "TEST\\test"
>          NAS-IP-Address = 158.144.55.107
>          NAS-Port = 0
>          Called-Station-Id = "001f1fd74ce9"
>          Calling-Station-Id = "001a734337c9"
>          NAS-Identifier = "Realtek Access Point. 8181"
>          Framed-MTU = 1400
>          NAS-Port-Type = Wireless-802.11
>          Service-Type = Framed-User
>          Connect-Info = "CONNECT 11Mbps 802.11b"
>          EAP-Message = 0x0200000e01544553545c74657374
>          Message-Authenticator = 0x1b88a63d48cd003d10945139139bbcac

This is not a mac-auth request. It's an EAP request, likely from an 
802.11 wireless point using WPA-Enterprise.

You can't mac-auth EAP.

Start by describing what you want to do please.



More information about the Freeradius-Users mailing list