Hi all,
I have freeradius working with a Cisco 2000 series controller. A
wireless client attempts to associate with a WAP the controller sends an
auth request to freeradius who sees the mac address of the user:
00:0e:35:1c:e0:52 Auth-Type := Local, User-Password == "testing"
Tunnel-Medium-Type = "IEEE-802",
Tunnel-Type = "VLAN",
Tunnel-Private-Group-Id = "157",
# Service-Type = Framed-User,
That puts the user in vlan 157, great, it works. So that is for a user
whose mac address is known. Now I'd like to work with unknown users.
The trouble is once one enable mac address filtering on the Cisco it
will alway call to radius. Is there away to allow all MAC addresses to
be accepted in the "users" config similar to the above? That way I
could throw all unkown users into a restricted access vlan which
redirects them to a registration page which in turn takes their mac
address and injects it into freeradius thus making them a "known" user
and puts them in a normal access vlan...
Thanks,
Brian
_____________________
Brian Ertel
Network Administrator
Amherst College
413-542-8320
[EMAIL PROTECTED]
_____________________
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
