Paul Hampson wrote: > On Wed, Nov 03, 2004 at 02:19:21PM +0800, Chan Min Wai wrote: > >>Dana Hudes wrote: >> >>>On Wed, 3 Nov 2004, Chan Min Wai wrote: >>>Go back to the defintion of RADIUS: Remote Authentication Dial-In User >>>System. Now think. How do dialup users connect? They use SLIP/PPP. >>>PPP has provision for sending the IP address info for the connection. It >>>is part of the NCP (authentication happens in LCP). Now you are connecting >>>on an WLAN. There is no PPP. So how can the client get an IP address >>>when you set it to 'obtain IP address automatically'? Same as >>>on a wired LAN: BOOTP or DHCP. The 802.11 MAC doesn't get you IP address. > > >>I see > > >>So unless that, this "Switch" is smart enough to do a PPP connection and >>only then this IP address will be able to be distribute by the switch to >>the client. > > > No, WLAN has nothing to do with PPP. PPP is the Point to Point Protocol, > it is a protocol for talking over lines with two ends and passing layer3 > traffic across them. It is a layer 2 protocol. WLAN uses a different > layer2 protocol (or protocols?), defined in the 802.11 standards. > > Well, I guess if someone extended PPPoE to PPPo802.11, then yes? But > that would be very very daft... >
I hope that radius server can talk to the DHCP server and tell the DHCP server what ip address to be allocate... > >>So no other way round to distribute ip address (other then using DHCP >>Server) > > > In _theory_ the RADIUS server can send an IP address to the AP to give > to the device (via DHCP) but I don't think any do... (Of course, I could > be wrong... 802.1x happens before an IP address is assigned, right?) > If you need a solution like that, maybe a self-built AP using a WLAN > card that lets you use hostAP or similar? Strikes me as a major pain, > frankly. > > >>my other Question is, how I recorded what IP I've been assign to them >>using that way? > > > Should be in the Accounting-Start packet. If you don't get an > Accounting-Start packet (which is quite likely >_<) then no, no way > to record it via RADIUS. You _might_ be able to rlm_exec a script to > go fetch it from the AP's web-based management interface, but that > seems like an awful lot of hard work to me. > -- This message has been scanned for viruses and dangerous content by OCE Sdn Bhd (http://www.ocesb.com.my) MailScanner, and is believed to be clean. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html