Help needed configuring MAB on FreeRADIUS and Cisco switch
alan buxey
A.L.M.Buxey at lboro.ac.uk
Mon Jul 16 17:20:46 CEST 2012
Hi,
> Poking around in the radiusd.conf file I checked the section modules
> which looks like this:
yes...thats just for the module config - you then need
to call that module - ensure that sql is not commented out in
sites-enabled/default
> The modules look like so:
>
> raddb]# ls modules/
> acct_unique counter dynamic_clients files mac2vlan
> pap realm unix
> always cui echo inner-eap mschap
> passwd smbpasswd wimax
> attr_filter detail etc_group ippool
> ntlm_auth perl smsotp
> attr_rewrite detail.example.com exec linelog
> opendirectory policy sqlcounter_expire_on_login
> chap detail.log expiration logintime otp
> preprocess sql_log
> checkval digest expr mac2ip pam
> radutmp sradutmp
>
>
> I don't see a mysql module in there.
correct. the sql module in 2.x is in the top directory (in 3.x its in the modules
directory to make it common). the sql.conf file tells you all you need to know - including
which dialup.conf file to edit
> By placing the entry you suggested at the top of the /etc/raddb/users
> file and restarting the server I got this:
well, no you didnt...or rather, if you did stick that in the users file
then its certainly not the users file that the server is reading. you are editing
the live server config and not some extracted archive file?
> I am assuming that
>
> "Tunnel-Private-Group-Id:0 = "3","
>
> means VLAN 3??
in Cisco speak , yes
> If so I should change it to 20 as that's what has been configured on the switch!
well, yes - that would be what you'd need - except I just used the bit of config
that you were already using - and my examples are just examples...i dont know
your site requirements or what you are doing. if i didm then this would be consultancy
and you'd be paying me lots of money ;-)
alan
More information about the Freeradius-Users
mailing list