I need to authenticate a user if there Username (MAC Address) is in the
radcheck table, regardless of the password that is sent. The Freeradius
FAQ says this:
5.5 How do I permit access to any user regardless of password?
DEFAULT Auth-Type = Accept
I do not understand where I would put this in mysql. Is this in the
usergroup table? Could I put it into one of the files and tell radius to
look at that instead of mysql? Someone please help me here...
Thanks,
Mike Hall
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jeffrey C.
Ollie
Sent: Wednesday, August 13, 2003 10:01 PM
To: [EMAIL PROTECTED]
Subject: RE: Cisco vs. Orinoco - MAC Authentication
On Wed, 2003-08-13 at 16:46, Mike Hall wrote:
> What I really need is this:
>
> A way to make the radius server think the User-Password string (sent
> from any AP) is our 'shared secret'. I can make it work if there is a
> way to do this. Here the Cisco AP will send the MAC as the
> 'User-Password' but radius will change it (before processing) to be
> our 'shared secret'. Any Suggestion? Please...
Why bother with checking the password anyway?
Here's what I use on my Cisco 350's:
xxxxxxxxxxxx Auth-Type == Accept, NAS-Port-Type == Wireless-802.11
Actually checking the password sent from a Cisco AP during MAC address
authentication is kind of pointless since it's such a weak password. I
know less about how the Orinoco handles MAC address authentication but
it doesn't sound like Orinoco's scheme is much of an improvement.
Jeff
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
