Hi everyone, I know that an access point can act as a radius client & then authenticate client's mac address with Freeradius server & there got to be an entry for this client in the users's file. But let's say I have 1000 clients, do I have to find out every single client's mac address & then add them into the users's file? Is there a better way of doing it?
Access control by MAC is not very secure.
I would just auto-assign within a range, and then use a strongly authenticated VPN (certificate, ssh, whatever) or a packet tunnel.
Netbumbler would allow anybody to find an authorized MAC and then use it later to access your network. With a VPN you need the certificate, does not matter what IP or MAC you use..
My two cents..
Cheers Brett
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
