check user device mac address without doing mac-auth
Eby Mani
eby_km at yahoo.com
Wed Mar 22 14:40:27 UTC 2023
Is it possible to check mac address of user device when doing standard 802.1x authentication and allow access without doing mac-auth + 802.1x ?.
The requirement is to restrict users from connecting from other devices(say BYOD) other than IT approved device allocated to user.
When using mac-auth-802.1x, server have no way of knowing which device the user is mapped to and user can connect from any authorised device in the list.
Questions,
1, Is there a guide on how to achieve this with mysql integration ?.
2a, Is it recommended to add new columns to include mac-addr in radcheck table ?.
2b, If so, will freeradius automatically check new columns values and do access-accept/reject automatically ?.
Any hints will be helpful.
Thanks,
More information about the Freeradius-Users
mailing list