That sounds interesting. Can you share the script? On 12/21/18 8:22 AM, Gregory Fuller wrote:
We were actually doing this for a long time on our college network. I wrote a script doing it this exact way. We were not matching up the MAC addresses, we were just checking that the username the phone was passing to RADIATOR was a valid Cisco phone username, and that the MAC address that was being passed to us was also in CUCM and matched a CUCM device pool against the physical building that the radius request was originating from. We were basically making sure that our phones stayed within a physical building and did not migrate somewhere else without someone telling us so we could update the caller ID information appropriately for 911 use.--greg Gregory A. Fuller - CCNP R&S, CCNP Security, CCNA Wireless Network Manager State University of New York at Oswego Phone: (315) 312-5750 Web: http://www.oswego.edu/~gfuller _____________________________________________________Campus Technology Services will never ask you to email us sensitive personal information such as a password. Please contact us if you are unsure if an email is genuine. ([email protected] <mailto:[email protected]>)Date: Thu, 20 Dec 2018 13:26:01 -0500 From: "Eric W. Bates" <[email protected] <mailto:[email protected]>> To: radiator <[email protected] <mailto:[email protected]>> Subject: [RADIATOR] MAB against cisco CUCM Message-ID: <[email protected] <mailto:[email protected]>> Content-Type: text/plain; charset="utf-8"; Format="flowed" I want to provide MAC auth bypass to my phones on switches using dot1x by querying our cisco phone controller (CUCM). The CUCM has a SOAP API called AXL to which I can query by MAC address and basically just discover whether the MAC is registered in the system. Has anyone already done this? I gather the correct way to do this would be to use AuthBy External and write a script? Thanks for your time.-- Clark 159a, MS 46508/289-3112 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4188 bytes Desc: S/MIME Cryptographic Signature URL: <https://lists.open.com.au/pipermail/radiator/attachments/20181220/3ef35e7c/attachment-0001.p7s> ------------------------------ Subject: Digest Footer _______________________________________________ radiator mailing list [email protected] <mailto:[email protected]> https://lists.open.com.au/mailman/listinfo/radiator ------------------------------ End of radiator Digest, Vol 115, Issue 3 **************************************** _______________________________________________ radiator mailing list [email protected] https://lists.open.com.au/mailman/listinfo/radiator
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ radiator mailing list [email protected] https://lists.open.com.au/mailman/listinfo/radiator
