> At 12:47 PM 8/8/2001 +0200, Joerg Reuter wrote:
> >Hi,
> >has anyone successfully set up MAC- address authentication via Radius for
> >Lucent AP-1000 access points? I have a network here with 5 APs,
> each with a
> >MAC ACL of about 30 hosts; to simplify administration I'm trying
> to switch
> >to radius. I've configured one of the access points to use Radius (in
> >addition to the standard auth table) for testing.
> >The problem is that the access point doesn't even seem to try to contact
> >the Radius server! Neither verbose debug radiusd nor snoop showed any
> >packets coming from it.
> > >From the testing notebook I can contact the AP via the AP
> tool, but can't
> >contact the network.
> >Can anyone give me a hint what's going wrong? Thanks in advance!
>
> Sounds like a problem with the AP. I'd suggest looking for support on
> that first. Once you've got it talking to Radius, then this would be
> the appropriate place, but right now it's a problem with the AP, not
> the Radius server.
The AP works as it should: the notebook cannot connect since the radius
server does not authenticate it. Orinoco access control applies only to the
wireless/wired interface, so even if unauthenticated, anyone can connect to
the wireless resources, but not on the resources on the (bridged) wired side
of the AP.
Do you have the mac address as a username and in correct format
("3e8f6a-e2b2c2", not like 2a-3d-aa-blabla as in mac list of the AP)? if the
radiusd cannot see your requests, maybe you have different shared secret on
AP and radius server?
Hope it helps, rgs Veli-Matti
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
