how to setup MAC based authentication with LDAP

Matthew Newton mcn4 at
Fri Apr 17 13:54:48 CEST 2015

On Fri, Apr 17, 2015 at 07:38:00AM -0400, brendan kearney wrote:
> I have looked at the radtest script and there is no mention of "calling"
> anything (case insensitive search done), so I seem to be missing a clue as
> to what I should be looking for in the script.  The man page for radclient
> also does not contain the "calling" keyword.

You probably want to read up on the basics of RADIUS and what is
actually sent between the client and the server.

radtest builds a basic RADIUS request up from a few attributes
(which doesn't include Calling-Station-Id) and sends it to the
server with radclient.

radclient can send arbitrary RADIUS packets.

See "man radclient" or
- the examples.

So for starters you probably want something like

echo "Calling-Station-Id='00-1b-ea-ce-bb-a0',NAS-IP-Address=" | radclient ...

e.g. pass the RADIUS packet in on stdin, include the
Calling-Station-Id attribute. You'll probably want to include
other attributes as well - hence look at the radtest script to see
what that sends.


Matthew Newton, Ph.D. <mcn4 at>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at>

More information about the Freeradius-Users mailing list