pfSense with freeRadius and CHAP
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Thu Oct 6 11:44:17 CEST 2011
On 6 Oct 2011, at 11:26, Mark wrote:
> Hi all,
>
> I have a weird problem, as you can see in the log below the client can successfully authenticate once and after that fails. The network structure is:
>
> 1) pfSense with freeRadius as firewall, authentication and accounting server
> 2) A HP ProCurve 2626 with MAC based port access
> 3) A wireless access point
00026f898b64 != 00026f898b62
The second request has the Mac-Address 00026f898b64, the users file only contains an entry for 00026f898b62... Coffee coffee coffee...
Mac-Auth just uses the SRC address in the first Ethernet frame is sees. If your machine is sending packets with different SRC macs, then you'll have a race condition. Usually only happens if it's running vmware with bridge connections, but could also be NIC drivers or windows/linux just being weird.
Don't rule out the ProCurve switch either, security features are still very buggy.
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Betelwiki, Betelwiki, Betelwiki.... http://wiki.freeradius.org/ !
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111006/1fd376bd/attachment.html>
More information about the Freeradius-Users
mailing list