"[eap] = reject" after "Calling eap_md5 to process EAP data"
Zeus Panchenko
zeus at ibs.dn.ua
Thu Jul 9 00:25:33 CEST 2015
Alan DeKok <aland at deployingradius.com> wrote:
> > emm ... as I figured out, the problem is in password format though
> > ... it has to be the same as User-Name attribute value passed by NAS to
> > FR ...
>
> The password isn't the User-Name.
what am I missing then, please? in my case Access-Accept succeeded only
when I changed the password to the value of User-Name attribute ...
isn't "MAC auth" mean login=password=MAC ?
> > so, now I wonder, can I somehow rewrite User-Name value to use
> > normalized MAC?
>
> Don't do that.
why? if not, then what is the way to achieve the desired? to store
login/password as FR normalized MAC address and eap_md5 understand that
(while User-Name differs)?
> In v3, see raddb/policy.d/canonicalization It has policies to
> normalize MAC addresses in Calling-Station-Id. The same policies
> can be applied to other attributes, too.
does it mean I can transform original User-Name value like a1b2c3d4e5f6
to A1-B2-C3-D4-E5-F6 ?
--
Zeus V. Panchenko jid:zeus at im.ibs.dn.ua
IT Dpt., I.B.S. LLC GMT+2 (EET)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 180 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150708/3842eeb6/attachment.sig>
More information about the Freeradius-Users
mailing list