Re: [RADIATOR] Cisco 5508 passing mac for mac auth

Tue, 17 Feb 2015 23:45:06 -0800 

Hello Gabe -

I would probably use the third mode with MAC address for both username and 
password.

If you are doing simple authentication (ie. not EAP), a simple AuthBy FILE 
clause will suffice.

Something like this:


…..

<Handler>
        <AuthBy FILE>
                Filename %D/macaddresses.txt
                AddToReply …..
        </AuthBy>
</Handler>

…..


macaddress.txt would look something like this:

# macaddress.txt
# file containing MAC addresses for both username and password

c8:2a:14:50:13:22  Password = c8:2a:14:50:13:22

c8:2a:14:50:13:33  Password = c8:2a:14:50:13:33

c8:2a:14:50:13:44  Password = c8:2a:14:50:13:44

…..


If you have further questions please include a trace 4 debug showing what is 
happening.

regards

Hugh


> On 18 Feb 2015, at 12:34, Gabe Carmichael <g...@lksd.org> wrote:
> 
> All,
> When using a Cisco Wireless controller I have mac delimiters and 3 modes of 
> operation:
> 
> - Other - (In the Radius Access Request with Mac Authentication Password is 
> NOT sent.)
> 
> - Free Radius - (In the Radius Access Request with Mac Authentication 
> Password is controller's shared secret with radius server.)
> 
>  - Cisco ACS - (In the Radius Access Request with Mac Authentication password 
> is client's MAC address.)
> 
> my question is, I am trying to get Radiator to auth by mac addresses in a 
> flat file. Which mode do I need to use, and how would I need it mod my config 
> file? Attached is a copy of my config. 
> 
> -- 
> Gabe Carmichael
> Systems Analyst - Networking/Email
> Lower Kuskokwim School District
> 907-543-4860
> LKSD Internal 4 digit dial - 4860
> Skype: gabes72riv
> g...@lksd.org
> 
> <macauth.cfg>_______________________________________________
> radiator mailing list
> radiator@open.com.au
> http://www.open.com.au/mailman/listinfo/radiator


--

Hugh Irvine
h...@open.com.au

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc. 
Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.

_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

Reply via email to