Jethro - On the Web App side we capture who entered the MAC and when along with the wireless users ID, device type, and if it's a student or faculty/staff so we can age out the students at the end of term. On the RADIUS side, we log auth times so we can see the last time they authenticated - which also helps in aging out devices. Since we have the user IDs. We can email them to tell them their MAC auth is going away before we delete/age it out.
BTW - we gave the system a cute name - WiiRAD - to indicate that it authenticates game consoles via RADIUS. >>-> Stan Brooks - CWNA/CWSP Emory University University Technology Services 404.727.0226 AIM/Y!/Twitter: WLANstan MSN: wlans...@hotmail.com GoogleTalk: wlans...@gmail.com -----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Jethro R Binks Sent: Friday, April 16, 2010 4:46 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Hacking Cisco WLC - macfilters On Thu, 15 Apr 2010, Brooks, Stan wrote: > Our system uses Mac-Auth via RADIUS. We've built a > custom web app in house that updates the RADIUS auth database so trusted > people (some of our clean room techs and others) can verify the type of > device and enter the MAC into the system. Other than the MAC address, what other sort of data do you store for the entry? User? Time of registration? Any expiry time for the entry? Type of device? Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. This e-mail message (including any attachments) is for the sole use of the intended recipient(s) and may contain confidential and privileged information. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this message (including any attachments) is strictly prohibited. If you have received this message in error, please contact the sender by reply e-mail message and destroy all copies of the original message (including attachments). ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.