[EMAIL PROTECTED] wrote: > however, if i just put the MAC info into the users file of FreeRADIUS > eg > > 000000000000 Auth-Type := Accept, Password == "000000000000" > > then i'm unable to get any authentication from the FreeRADIUS > server...heres the FreeRADIUS output:
You don't want 'Auth-Type := Accept', but that's another story. This says "for the User-Name 000.., use the Password 000..." > rad_recv: Access-Request packet from host xxx.xxx.xxx.xxx:1812, id=135, length=96 > NAS-IP-Address = xxx.xxx.xxx.xxx > NAS-Port = 50001 > NAS-Port-Type = Ethernet > User-Name = "" > Calling-Station-Id = "00-00-00-00-00-00" > Service-Type = Framed-User > Framed-MTU = 1000 > EAP-Message = 0x0291000501 > Message-Authenticator = 0xfa6c0054301f530437524b5bf70b0215 There's no User-Name attribute in that packet (well, it's empty), so the previous entry in the 'users' file will never match. The EAP-Message attribute contains an EAP-Identity, with a similar empty User-Name. The EAP module currently requires a User-Name attribute for authentication, so this won't work. I'll take a look at it, but I think that the only authentication method you'll be able to use is EAP-MD5, even if the EAP module is updated. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
