Page 1 of 1
MAC binding of internet users to restrict usage
Posted: Mon Jan 29, 2007 4:11 pm
by ravin
Hi,
Have configured Mikrotik 2.9 and freeradius server with mysql server for database. I have created some users in mysql db. I can log in through PPPoE server with the username and password stored in mysql db. I want to give access to our users based on mac binding. Have searched a lot on net but no luck. (IP POOL is on in Mikrotik which gives IP addresses to clients).
Please give me proper solution.
Thanks in advance
ravin
MAC Addr
Posted: Mon Feb 05, 2007 12:46 pm
by ferry
I just want to take a note, that the use of ip pool. in ip pool we can see the used address(the active ip's) and the mac address. from that we can filter by mac address..
* ip - pool - tab used address, u can see the mac addr
Thx,
Posted: Mon Feb 05, 2007 3:35 pm
by virtualmystic
radcheck & radreply items will do the work for you..add caller-id in radcheck items and set user's MAC in it. once using db its better to assign ip to user from database, thus u can have username, password, mac and ip binding all togather.
if you use dialupadmin with freeradius, you can use accounting or online users to check their ip addresses & mac addresses.
regds,
Asad
Posted: Tue Feb 06, 2007 1:08 pm
by ravin
Thanx for your help. It really worked. I have created one more entry for the user with his mac id and attribute type 'caller-id' in radcheck. Now there are two rows for each user one with username and password and second row with username and his mac id. Can't we have single row where we can put username, password, mac id, ip address. Also please let me know how can I give fixed IP address to user, so that all users will have mac and ip address binding.
Also I want to know what is this radreply file used for? There are no records in this file
radcheck & radreply items will do the work for you..add caller-id in radcheck items and set user's MAC in it. once using db its better to assign ip to user from database, thus u can have username, password, mac and ip binding all togather.
if you use dialupadmin with freeradius, you can use accounting or online users to check their ip addresses & mac addresses.
regds,
Asad
Posted: Tue Feb 06, 2007 1:30 pm
by virtualmystic
that is the architecture of freeradius..u cant change it..for each check item for each user there is saperate row..
radreply is used to send radius attributes to NAS...like if you want to give specific ip to user against loginname...you wil add ip-address attribute to radreply table..
Regds,
Asad
Posted: Wed Feb 07, 2007 7:23 am
by ravin
Thank you for your prompt reply. Where can I get complete list of Radius Attributes which I can use in radcheck, radreply etc. ?
that is the architecture of freeradius..u cant change it..for each check item for each user there is saperate row..
radreply is used to send radius attributes to NAS...like if you want to give specific ip to user against loginname...you wil add ip-address attribute to radreply table..
Regds,
Asad
Posted: Wed Feb 07, 2007 8:09 am
by sergejs
IP binding in hotspot
Posted: Wed Feb 07, 2007 10:37 pm
by monaro
Cant you just do an ip binding in hotspot. Go to hotspot then go to ip binding. enter the mac address. Then set the status to bypass.