[Help] Is that possible to change the reject message that appears at the Windows Pop Up

Olivier Beytrison olivier at heliosnet.org
Mon Mar 18 16:53:44 CET 2013

On 18.03.2013 16:48, Danny Kurniawan wrote:
> Hi All,
> So i have been able to authenticate my wireless user using 802.1x + LDAP
> + MAC address (using CallingStationID attriubute). So now for example
> when user A have MAC 11:22:33 but tried to login using another device
> there will be a pop up window when they try to connect - just a plain
> error popup saying "Unable to connect". Is there any way we can
> customize this error from radius? or should be from the wireless AP?
> So below is the unlang code that i use to check whether the user have a
> set of MAC address in their ldap profile or not
>     if(!control:Calling-Station-Id){
>         reject
>     }
> Possible to have that reject command to return some code that Windows
> client can understand like "No MAC address" etc?
> Thanks in advance
> Danny

you could send back a reply-message.

But it is forbidden if you are doing EAP.

And anyway, Micro$oft is not paying attention to it and will disregard it.

so no, you can't send a message to the user.


 Olivier Beytrison
 Network & Security Engineer, HES-SO Fribourg
 Mail: olivier at heliosnet.org

More information about the Freeradius-Users mailing list