[authorized_macs.authorize] returns noop
Alexander Clouter
alex at digriz.org.uk
Fri Jan 7 09:21:37 CET 2011
Nagaraj Panyam <pn at tifr.res.in> wrote:
>
> In my previous mail while asking for help, I did not fully explain what
> I wanted to configure.
> So here goes: I want to configure freeradius to setup MAC based
> authentication for laptops and hand held devices in my organization.
> My first preference is to make it purely MAC based and paswordless.
>
You are not reading what we have been telling you, please re-read the
replies in this thread. You *cannot* do mac-auth on 802.1X networks,
period, end of story, game-over, FIN.
WPA Enterprise enabled wireless networks *are* 802.1X networks, so you
cannot do mac-auth. The request your RADIUS server is receiving (that
you have given below) is a 802.1X request because it has an EAP-Message
attribute.
What you want to do cannot be done.
Cheers
> ------ Debug output:
> rad_recv: Access-Request packet from host 192.168.55.107 port 3072, id=35, length=175
> User-Name = "TEST\\test"
> NAS-IP-Address = 192.168.55.107
> NAS-Port = 0
> Called-Station-Id = "001f1fd74ce9"
> Calling-Station-Id = "001a734337c9"
> NAS-Identifier = "Realtek Access Point. 8181"
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-802.11
> Service-Type = Framed-User
> Connect-Info = "CONNECT 11Mbps 802.11b"
> EAP-Message = 0x0200000e01544553545c74657374
> Message-Authenticator = 0x0fc7203c788350352965da25a7a1049e
--
Alexander Clouter
.sigmonster says: Illegally parked cars will be towed at owner's expense.
More information about the Freeradius-Users
mailing list