Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 9 Sep 2003 20:01:14 +0200
From:      Martin Jessa <freebsd@yazzy.org>
To:        freebsd-isp@freebsd.org
Subject:   Re: Radius and MAC Address Access Control
Message-ID:  <20030909200114.2d36cdea.freebsd@yazzy.org>
In-Reply-To: <Pine.BSF.4.53.0309091558590.93188@e0-0.zab2.int.zabbadoz.net>
References:  <20030909121457.672d3b41.freebsd@yazzy.org> <Pine.BSF.4.53.0309091558590.93188@e0-0.zab2.int.zabbadoz.net>

next in thread | previous in thread | raw e-mail | index | archive | help
Hi.

What I really need is to make my AP's talk to the radius server which connects to an SQL backend and allows users to login.
I have a setup now with radius server that authenticates my vpn users with data supplied by MySQL.
The users get either static or dynamic IP's from different pools.
It works great except for one thing. The commercial users are not allowed to create IPsec tunnels to other places.
For that I want to use WPA and a controll system based on Mac-addresses.
My AP supports radius and I wanted to give it a shot.
I just don't understand how that authentication method works with radius Mac-addresses.
Is there any tool for radiator that can be used to easly manage users with a web based interface? 
I don't want nor can teach my customer how to add users from command prompt.

Thanks.

YazzY




On Tue, 9 Sep 2003 16:05:04 +0000 (UTC)
"Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> wrote:

> On Tue, 9 Sep 2003, Martin Jessa wrote:
> 
> Hi,
> 
> > I am setting up system for a Wireless ISP trying to figure out how to
> > enable MAC Address Access Control with a radius server.
> > I need to find out how it can be done and what Radius server supports
> > tricks like that.
> > Any ideas?
> 
> If your AP supports radius set radius secret and IP address there.
> Though I am not very happy with freeradius I am using this a home.
> radiator also supports this.
> 
> freeradius user file entry with an orinoco ap may simply look like
> this:
> 
> # someone's MAC
> 001234-56789a           Auth-Type := Accept
> 
> 
> There is at least one paper around that describes how to set things
> up. I think you might find links on freeradius or radiator homepages.
> Thay also describe configuration with Windows clients if I remember
> correctly.
> 
> -- 
> Bjoern A. Zeeb				bzeeb at Zabbadoz dot NeT
> 56 69 73 69 74				http://www.zabbadoz.net/
> _______________________________________________
> freebsd-isp@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030909200114.2d36cdea.freebsd>