FreeRadius auth by MAC address
Posted: Wed Jun 13, 2007 10:47 pm
I've searched the Net over for this one. I have a working FreeRadius server, but only PAP & user name / password logins on a hotspot. When I follow the Mikrotik "how-to's" on authorizing by MAC, my auth attempts fail every time. The MT wiki states this:
If anyone could show me how they set that up in their FreeRadius user's file with no password, it would be much appreciated. Can't find any examples anywhere. I'm on my second day straight of working on this, and would be happy if I could get this last little thing working.
Thanks,
I did all of that...but the problem is, I can't get FreeRadius to authenticate when there isn't a password. With NtRadPing, I can get an accept if I add a password. Without the password it is rejected.To authorize associations on an AP interface, first set up a RADIUS server with "Wireless" enabled, then you simply need to set "radius-mac-authentication=yes" in the security profile for the AP. You can do this through winbox by going to the Wireless->Security Profiles tab, double clicking your profile and ticking the "RADIUS MAC Authentication" box. Mikrotik will submit the MAC address as the username in the format 00:11:22:33:44:55 with a blank password. Since Mikrotik submits a blank password, you will need to keep this in mind when developing your security systems.
If anyone could show me how they set that up in their FreeRadius user's file with no password, it would be much appreciated. Can't find any examples anywhere. I'm on my second day straight of working on this, and would be happy if I could get this last little thing working.
Thanks,