We were actually doing this for a long time on our college network. I wrote a script doing it this exact way. We were not matching up the MAC addresses, we were just checking that the username the phone was passing to RADIATOR was a valid Cisco phone username, and that the MAC address that was being passed to us was also in CUCM and matched a CUCM device pool against the physical building that the radius request was originating from. We were basically making sure that our phones stayed within a physical building and did not migrate somewhere else without someone telling us so we could update the caller ID information appropriately for 911 use.
--greg Gregory A. Fuller - CCNP R&S, CCNP Security, CCNA Wireless Network Manager State University of New York at Oswego Phone: (315) 312-5750 Web: http://www.oswego.edu/~gfuller _____________________________________________________ Campus Technology Services will never ask you to email us sensitive personal information such as a password. Please contact us if you are unsure if an email is genuine. ([email protected]) Date: Thu, 20 Dec 2018 13:26:01 -0500 > From: "Eric W. Bates" <[email protected]> > To: radiator <[email protected]> > Subject: [RADIATOR] MAB against cisco CUCM > Message-ID: <[email protected]> > Content-Type: text/plain; charset="utf-8"; Format="flowed" > > I want to provide MAC auth bypass to my phones on switches using dot1x > by querying our cisco phone controller (CUCM). The CUCM has a SOAP API > called AXL to which I can query by MAC address and basically just > discover whether the MAC is registered in the system. > > Has anyone already done this? > > I gather the correct way to do this would be to use AuthBy External and > write a script? > > Thanks for your time. > > -- > Clark 159a, MS 46 > 508/289-3112 > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: smime.p7s > Type: application/pkcs7-signature > Size: 4188 bytes > Desc: S/MIME Cryptographic Signature > URL: < > https://lists.open.com.au/pipermail/radiator/attachments/20181220/3ef35e7c/attachment-0001.p7s > > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > radiator mailing list > [email protected] > https://lists.open.com.au/mailman/listinfo/radiator > > ------------------------------ > > End of radiator Digest, Vol 115, Issue 3 > **************************************** >
_______________________________________________ radiator mailing list [email protected] https://lists.open.com.au/mailman/listinfo/radiator
