PEAP/MSCHAPv2 bounded to a particular MAC Address
Alan DeKok
aland at deployingradius.com
Thu Jan 30 18:16:57 CET 2014
Marco Gaiarin wrote:
>> It does, but it won't in version 3. There have been warnings in
>> version 2 for years to give people notice to change it.
>
> Ahem, evidently i've missed that.
The warning is printed out in debug mode...
> Ok. Only a litle note. My setup works, and so i'm triyng to make it NOT
> authenticate some client... eg, i've done:
>
> in users:
> ipm1 Cleartext-Password := "pass", MS-CHAP-Use-NTLM-Auth := 0, Expiration := "Jan 28 2017 19:00:00", Huntgroup-Name := "ipm1"
See "man users". You're not checking huntgroup membership above.
You're setting it.
> So, the log report a successful authentication, but is not the intended
> behaviour. ;-)
It's working as documented.
Alan DeKok.
More information about the Freeradius-Users
mailing list