> Hello guys! I was hoping you could help me with something its been > troubling me the last two days. Im using a freeradius to authtenticate > users on a WPA-Enterprise enviroment. What i would like to do now is to > add another layer of security matching the MAC address of the user as well > the user+password. The user and password thing is working without a > problem, but i dont quite understand what is the way (or the best way) to > accomplish the MAC thing. >
Oddly enough, same as the password thing - add it to radcheck (not radgroupcheck). > The questions are then: > > For the group to work, should i put another atribute apart from the > calling-station-id for the check? Like the thing you do for Dynamic VLAN > assignment... That won't work. If radgroupcheck item(s) don't match group gets ignored - user is not rejected. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
