BYOD and base on MAC
Luc Paulin
paulinster at gmail.com
Wed Jan 31 20:50:00 CET 2018
Hi,
I know that we can do a BYOD wireless setup with freeradius base on if the
client setup was setup with certificate(EAP-TLS) or not by checking the
EAP-Type field. But I was wondering would it be possible to do it base on
MAC adresse.
The idea here is that we would like to move user to the appropriate vlan
base on his device mac. If MAC address is within that list, device is
granted to the corp vlan, else it'll default to the BYOD vlan.
In the post-auth section I did add some lines in order to try do the check
base on mac addresse
========
# We rewrite calling_station_id in order to do mac checkup
rewrite_calling_station_id
# Check against the authorized_macs file
authorized_macs
if (!ok) {
update reply {
Tunnel-Type := 13
Tunnel-Medium-Type := 6
Tunnel-Private-Group-Id := 155
}
}
else {
update reply {
Tunnel-Type := 13
Tunnel-Medium-Type := 6
Tunnel-Private-Group-Id := 157
}
}
========
However look like the authorized_macs always return noop. Am I doing
something wrong or something not supported?
Thanx !!
--
!!!!!
( o o )
--------------oOO----(_)----OOo--------------
Luc Paulin
email: paulinster(at)gmail.com
Skype: paulinster
More information about the Freeradius-Users
mailing list