danletkeman at gmail.com
Mon Jun 9 01:00:31 CEST 2014
On Sun, Jun 8, 2014 at 5:39 PM, Alan DeKok <aland at deployingradius.com>
> Dan Letkeman wrote:
> > I am trying to find some info on authentication ordering.
> Probably because no one uses that term.
Ok, but I just did, so I guess I use that term :)
> > Is it the client(switch or wireless controller) that defines the
> > authentication ordering or is it the radius server?
> You're asking the wrong question.
Yes, I am asking the wrong question, because I need help, otherwise I would
not be posting a question.....(:
> > If it is the radius server how would I define EAP as the first
> > authentication method and then mac authentication as the second?
> MAC auth isn't authentication. MAC auth is just another authorization
Ok, so I can authorize a user based on there mac address. I can also
authenticate a user using EAP. I want to authenticate a user using EAP,
but if the device that a user is using does not support EAP I would like to
authorize a user based on the mac address as a last resort.
> EAP is authentication. As part of authorizing a user, you can deny
> them access because their bills aren't paid, or because they're using
> the wrong MAC.
> Alan DeKok.
> List info/subscribe/unsubscribe? See
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Freeradius-Users