EAP & MAC Auth
Phil Mayers
p.mayers at imperial.ac.uk
Tue Jun 17 17:21:16 CEST 2014
On 17/06/14 16:07, Russell Mike wrote:
> Hi List Members
>
>
> How can we do EAP authentication & MAC address look up in addition
> (stored in MySQL DBMS) before accepting?
This question is very vague. Please be more specific.
The literal answer is "put an SQL lookup into your config" but this
doesn't help you.
Here's an example of something you might do:
authorize {
...
if (EAP-Message && Calling-Station-Id) {
# some SQL query to find out which username
# is allowed for this MAC address
update control {
Tmp-String-0 := "%{sql: ... where mac='%{Calling-Station-Id}'}"
}
if (control:Tmp-String-0 != "%{User-Name}") {
# this username isn't allowed from this mac
reject
}
}
...
eap
}
If you want a more specific example, please ask a more specific question.
More information about the Freeradius-Users
mailing list