Hello,
How do I set up a freeradius server so that if the password fails for
the primary radius server it tries the secondary for the password. In
my scenario, the primary is up and servicing requests, but the
password for the device is incorrect. Now the device looks to the
secondary to
Hello,
Our network group is going to be changing the 'secret' for all of
their gear but they are going to do it in stages. I was wondering if
there is a way to have two 'secret' entries in the clients.conf file.
Leave the original until the change is complete and have the new
'secret'
Hello,
I have a strange problem. I have about 65 users using wpa+PEAP+FreeRadius with
Linksys WAP4400n APs. I have 3 buildings with 19 AP's per building using POE and
wired back to a switch and each switch in each building uses an ethernet cable
to tie into the main switch connected to the
Quoting gkalinec [EMAIL PROTECTED]:
What would, in your opinion, be better? TTLS or PEAP?
I believe with TTLS you would need to load software on each computer, can
someone else verify that? I am using PEAP and it works with Windows, Macs and
linux(using wpa_supplicant or xsupplicant).
Also,
Quoting King, Michael [EMAIL PROTECTED]:
You configure your client to use TTLS or PEAP, and upon connecting to
the network, they will be prompted to enter username and password. If
they don't have one, they don't get on. If they do have one, they get
on.
This also solves your problem of
Quoting Harish Sharma [EMAIL PROTECTED]:
Hi
I m running a radius server. Can anybody guide me to authentication based on
userid+password+mac-address. What should be the entries in /etc/raddb/users
file.
bobd Calling-Station-Id != 00-00-4A-35-28-00, Auth-Type := Reject
bobd
Alan and Phil,
Thanks a lot for all the help in getting this set up. I now have a
username/password pair as well as also requiring the MAC to be present in the
authentication. Your help was invaluable to me for getting this working right
and for clearing up some of the assumptions I had made
Could I also do:
bob password = neil, Calling-Station-Id != 0001, Auth-Type :=
Reject
So that both pieces of information have to be present to be authenticated?
No, that would always reject the user. You could do this:
bob Calling-Station-Id != 0001, Auth-Type := Reject
This is what I am trying to accomplish:
I want to use mac address based authentication with WPA+PEAP. I have finally
figured out how to get my Wireless laptop to connect and get a DHCP address
through freeradius using the certificates created with openssl using the CA.all
script.
How do I
Quoting Alan DeKok [EMAIL PROTECTED]:
How do I validate a user by mac address so that the users mac would be
their
username?
What is the format of the MAC in the 'users' file? I have seen it as
01020304-0a020304 or something similiar, is that correct?
The format is whatever format
10 matches
Mail list logo
