MAC Auth Bypass and LDAP
Alan DeKok
aland at deployingradius.com
Wed Apr 8 04:15:01 CEST 2015
On Apr 7, 2015, at 1:39 PM, Brendan Kearney <bpk678 at gmail.com> wrote:
> note, the queries return all values. i am figuring i need to create a
> query that finds just the one mac address that being evaluated.
That was really my point.
> i assume this is still in the "authorize" section?
Yes.
> curious, why wont it work for wifi, and what can be done around that?
WiFi creates per-session encryption keys. You can't bypass that. You can't work around it. You can either accept the user with the correct password, or reject them. That's it.
> looks like i have my research and testing identified. thanks.
It's what I do. :)
Alan DeKok.
More information about the Freeradius-Users
mailing list