Steve Wu wrote: > I want my wireless clients to do MAC authentication via the FR box. I > have setup my users file to auth two of my test laptops: > > 000E35-84610A Auth-Type := Local, User-Password == "esradius" > 00215C-08B25D Auth-Type := Local, User-Password == "esradius"
Those entries are wrong, even in 1.1.7. You should use: 000E35-84610A Cleartext-Password := "000E35-84610A" ... > When either tries to connect up, in the FR debug I see: > > rad_recv: Access-Request packet from host 10.10.18.241:2160, id=7, length=53 > User-Name = "00215c-08b25d" > User-Password = "00215c-08b25d" Which doesn't match the password you put into the "users" file. > Why is the User-Password the MAC address and not what is specified in > the users file? I have only tweaked the users and clients.conf files. Maybe you're not clear on what's happening. The *NAS* is sending the packet containing that User-Password attribute. The RADIUS server has no control over that. The RADIUS server is supposed to look at that password, and see if it's valid. The configuration I showed above will tell the server to do that. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html