DHCP Dynamic pool and MAC authentication

Thomas Bru tbru at afone.com
Fri Mar 21 08:26:22 CET 2014

>> I am having the exact same issue. Can anybody assist with this issue. "anybody
>> can connect a device on my network and the Freeradius server reply to DHCP
>> Discover, assign an IP address using the mysql radipool table but without
>> checking if the mac address is in the radcheck table."

> Haven't looked at this directly, but it should be pretty easy. I'm
> guessing you want to either copy DHCP-Client-Hardware-Address into
> Calling-Station-Id, then call sql (with Calling-Station-Id in the
> radcheck table), or just all DHCP-Client-Hardware-Address directly
> into the radcheck table, then just call sql.

> Based on the result code from sql, you probably then want to
> update the DHCP-Message-Type to inhibit a reply if the MAC wasn't
> found.


I successed to install and configure MAC Authentication ans DHCP pool.
But at this point, I have done to many thing to explain how we can implement this solution.
I hope I will reinstall it the next week and I will give you the solution.

But the solution works :)

Best Regards


More information about the Freeradius-Users mailing list