Hi Antonio, A quick re-post of François' last message:
> I just spoke with our Meru contact, and he told me that the SSID is sent > when doing 802.1X. Since I do not have access to a Meru controller, can > you grab a capture of a 802.1X RADIUS request? It would be really appreciated. Thanks, On 22/02/11 4:02 PM, Manueco, Antonio wrote: > Nop, I don't see any SSID in the request. > > > > -----Original Message----- > From: Olivier Bilodeau [mailto:obilod...@inverse.ca] > Sent: Tuesday, February 22, 2011 3:47 PM > To: packetfence-devel@lists.sourceforge.net > Subject: Re: [Packetfence-devel] Meru Feature Devel > > Hi, > >> I am sending you the Request from the controller for MAC Auth. >> >> MAC Auth: >> >> rad_recv: Access-Request packet from host 10.224.232.220 port 32769, id=229, >> length=182 >> Service-Type = Login-User >> Framed-MTU = 1250 >> User-Name = "00-11-22-33-44-55" >> User-Password = "00-11-22-33-44-55" >> Calling-Station-Id = "00-11-22-33-44-55" >> Called-Station-Id = "00-A0-A5-5F-42-1A" >> Connect-Info = "CONNECT Unknown Radio" >> NAS-IP-Address = 10.224.232.220 >> NAS-Port-Type = Wireless-802.11 >> NAS-Port = 0 >> Message-Authenticator = 0xd3eb20961c802bc6f8d777bf195d1715 > > Do you see your SSID in the request? I'm asking just in case it's > CONNECT or CONNECT Unknown Radio... > >> >> Let me know if I can help you with anything. >> > > First, lets try to see if there's not a VSA that isn't supported by > FreeRADIUS. Can you do a tcpdump / wireshark of the Request and check if > there is not a vendor specific attribute that we don't see in the > radiusd output. > > Then, on Cisco Aironet in stand-alone mode, we need to enable a CLI > parameter in order for it to send the SSID in a VSA. ex: > > radius-server vsa send authentication > > If all else fails, at this point if you _really_ need SSID > identification we could try to find an SNMP read query that could give > it to us based on the Called-Station-Id.. but again, we would need a > caching layer otherwise it would be ridiculous to do an SNMP read to the > controller for every incoming RADIUS request we get. > > Thanks for helping us! We don't have a Meru here anymore.. > -- Olivier Bilodeau obilod...@inverse.ca :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev _______________________________________________ Packetfence-devel mailing list Packetfence-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-devel
