[RADIATOR] Cisco 5508 passing mac for mac auth

Hugh Irvine hugh at open.com.au
Wed Feb 18 01:44:34 CST 2015


Hello Gabe -

I would probably use the third mode with MAC address for both username and password.

If you are doing simple authentication (ie. not EAP), a simple AuthBy FILE clause will suffice.

Something like this:


…..

<Handler>
	<AuthBy FILE>
		Filename %D/macaddresses.txt
		AddToReply …..
	</AuthBy>
</Handler>

…..


macaddress.txt would look something like this:

# macaddress.txt
# file containing MAC addresses for both username and password

c8:2a:14:50:13:22  Password = c8:2a:14:50:13:22

c8:2a:14:50:13:33  Password = c8:2a:14:50:13:33

c8:2a:14:50:13:44  Password = c8:2a:14:50:13:44

…..


If you have further questions please include a trace 4 debug showing what is happening.

regards

Hugh


> On 18 Feb 2015, at 12:34, Gabe Carmichael <gabe at lksd.org> wrote:
> 
> All,
> When using a Cisco Wireless controller I have mac delimiters and 3 modes of operation:
> 
> - Other - (In the Radius Access Request with Mac Authentication Password is NOT sent.)
> 
> - Free Radius - (In the Radius Access Request with Mac Authentication Password is controller's shared secret with radius server.)
> 
>  - Cisco ACS - (In the Radius Access Request with Mac Authentication password is client's MAC address.)
> 
> my question is, I am trying to get Radiator to auth by mac addresses in a flat file. Which mode do I need to use, and how would I need it mod my config file? Attached is a copy of my config. 
> 
> -- 
> Gabe Carmichael
> Systems Analyst - Networking/Email
> Lower Kuskokwim School District
> 907-543-4860
> LKSD Internal 4 digit dial - 4860
> Skype: gabes72riv
> gabe at lksd.org
> 
> <macauth.cfg>_______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator


--

Hugh Irvine
hugh at open.com.au

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc. 
Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.



More information about the radiator mailing list