Hello list, I need some help on some unlang portion (if this is the right solution).
Here is context: I need to do 802.1x on Ethernet switch for dynamic VLAN assignment for PCs . The problem is I have some phones connected between the PC and the switch. I don't want the users to login 802.1X with the phones so I have set them up to do MAC address user name and password without annoying the user over CHAP. Using users files works perfectly for my phones, as the ldap back end is for PC users. However, I have 300 phones that can be replaced if they are broken and I don't want to store all the info by hand in the users file. I tried to put this in the users file: if ( "%{User-Name}" =~ "00030BCA[0-9A-F]+" ) { "%{Cleartext-Password}" == "%{User-Name}" } Put it doesn't work because CHAP cannot find the user and his clear text password. So I guess I have put it in the wrong section AND/OR have done something wrong with my if but I can't find a way of checking as radius seems not to bother about it. I also tried to put it in the authentication section without success. I have read this http://wiki.freeradius.org/Mac-Auth but it seems too advanced for what I want to do as I don't need to rewrite anything. This guided me to try and put the script somewhere else. Thanks for your precious help. Best Regards, Matt - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html