MAC Auth Bypass and LDAP

Alan DeKok aland at
Wed Apr 8 04:15:01 CEST 2015

On Apr 7, 2015, at 1:39 PM, Brendan Kearney <bpk678 at> wrote:
> note, the queries return all values.  i am figuring i need to create a
> query that finds just the one mac address that being evaluated.

  That was really my point.

> i assume this is still in the "authorize" section?


> curious, why wont it work for wifi, and what can be done around that?

  WiFi creates per-session encryption keys.  You can't bypass that.  You can't work around it.  You can either accept the user with the correct password, or reject them.  That's it.

> looks like i have my research and testing identified.  thanks.

  It's what I do. :)

  Alan DeKok.

More information about the Freeradius-Users mailing list