UNCLASSIFIED ______________________________
From: [EMAIL PROTECTED] g [mailto:[EMAIL PROTECTED] adius.org] On Behalf Of MONTFORD, AUSTIN Sent: Friday, 16 May 2008 07:31 To: freeradius-users@lists.freeradius.org Subject: Cisco Mac-Auth-Bypass with Freeradius 2.0.4 Hey, I just got this working on a test server finally using the users file and have a quick question. I was wondering is there a way where I don't have to type the last 3 lines of this everytime in my users file? I was thinking of using some kind of setup with a seperate file for each vlan containing only the first statement (with the mac address as the user/pass). Then $include each vlanfile in the users file with freeradius appending the correct tunnel statements depending on what vlanfile the mac address was in. Anyways I haven't quite wrapped my head around the syntax to do this or am sure this is the best way. If someone has any advice that would be great. 123400000000 Cleartext-Password := "123400000000" Tunnel-Type = "VLAN", Tunnel-Medium-Type = "IEEE-802" Tunnel-Private-Group-Id = "Students" By the way Freeradius rocks! Thanks, Austin There is a couple of ways to do this. 1. Use groups. 2. Use Fall-Through and group you users file. Example: # Set boilerplate text DEFAULT Tunnel-Type = "VLAN", Tunnel-Medium-Type = "IEEE-802", Fall-Through = True # Staff systems DEFAULT Tunnel-Private-Group-Id := "Staff", Fall-Through = True $INCLUDE staff.users # Student systems DEFAULT Tunnel-Private-Group-Id := "Students", Fall-Through = True $INCLUDE student.users ... DEFAULT Auth-Type:=reject Student.users would have lines like: 123400000000 Cleartext-Password := "123400000000" 123500000000 Cleartext-Password := "123500000000" and could be generated by a script. Regards, Frank Ranner - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html