PEAP/MSCHAPv2 bounded to a particular MAC Address
Marco Gaiarin
gaio at sv.lnf.it
Thu Jan 30 17:55:55 CET 2014
Mandi! Matthew Newton
In chel di` si favelave...
[about User-Password]
> It does, but it won't in version 3. There have been warnings in
> version 2 for years to give people notice to change it.
Ahem, evidently i've missed that.
> - Run 'radiusd -X'
> - do the auth that you have problems with
> - post the entire debug output to the list.
Ok. Only a litle note. My setup works, and so i'm triyng to make it NOT
authenticate some client... eg, i've done:
in users:
ipm1 Cleartext-Password := "pass", MS-CHAP-Use-NTLM-Auth := 0, Expiration := "Jan 28 2017 19:00:00", Huntgroup-Name := "ipm1"
in huntgroup:
ipm1 Calling-Station-Id == "c8b5b723ecd6"
And i've deliberatly insert wrongly the MAC addess, that is
'c8b5b723ecd7', as you can see looking at the log.
So, the log report a successful authentication, but is not the intended
behaviour. ;-)
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.sv.lnf.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/chi_siamo/5xmille.php
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeradius.log.gz
Type: application/octet-stream
Size: 12211 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140130/10deef8e/attachment-0001.obj>
More information about the Freeradius-Users
mailing list