Expect this to be incorporated in one of the new m0n0wall releases.
Jonathan De Graeve
jonathan dot de dot graeve at imelda dot be
Always read the manual for the correct way to do things because the
number of incorrect ways to do things is almost infinite
> -----Oorspronkelijk bericht-----
> Van: Jonathan Karras [mailto:jkarras at karras dot net]
> Verzonden: woensdag 3 mei 2006 18:03
> Aan: Lloyd Palfrey
> CC: m0n0wall dash dev at lists dot m0n0 dot ch
> Onderwerp: Re: [m0n0wall-dev] Radius Mac Authentication failure with
> I would agree with that request. I would say while its being changed
> make it a pop down menu with some other options.
> Single Dash 000000-000000
> Dashed 00-00-00-00-00-00
> Double Period 0000.0000.0000
> Colon 00:00:00:00:00:00
> I think those are all the types our Proxim WAP's support. At work we
> into a problem similar to this. Our original WiFi buildout used
> Proxim/Orinoco AP's starting many years ago the decision was to use
> Single Dash method. Well now we are slowly moving to Cisco AP's and
> found that they don't support the single dash.
> Lloyd Palfrey wrote:
> > Yeah I've found the problem
> > Most radius servres don't support ":" in the username. IMHO this
> > should be stripped out before sent to the radius server..
> > Anyone thinking the same?
> > -----Original Message----- From: Jonathan Karras
> > [mailto:jkarras at karras dot net] Sent: 03 May 2006 16:39 To: Lloyd
> > Cc: m0n0wall dash dev at lists dot m0n0 dot ch Subject: Re: [m0n0wall-dev] Radius
> > Mac Authentication failure with IAS
> > Lloyd Palfrey wrote:
> >> I've created the username and password in active directory called
> >> 00:07:e9L:81:66:39 - However the prewindows2000 name cant have ":"
> >> so I have to remove them for that.
> >> Every time I try to access a page through the captive portal it
> >> takes me to the username/password box. Failing to auto
> >> authenticate. It sends the username and password but that fails.
> >> I've also tried sending the mac address as the username and
> >> password manually.. This also
> > fails.
> >> Can anyone shed any light on this? Maybe the ":"'s should be
> >> removed from the mac addresses before it trys to auth?
> >> Any help would be greatfull appreciated.
> >> Many Thanks
> > I have not used Win2K3 for my radius/LDAP combo but with my
> > FreeRadius/OpenLDAP combo I did just as you said above.
> > I went into the "RADIUS MAC authentication" section of captive
> > portal. Set the check box to enable. Then set a shared secret. I
> > used this secret as the password on the user who's username was the
> > MAC with colon's. This seemed to work for me.
> > Jonathan
> > Disclaimer - May 3, 2006 This email and any files transmitted with
> > are confidential and intended solely for 'Jonathan Karras'. If you
> > are not the named addressee you should not disseminate, distribute,
> > copy or alter this email. Any views or opinions presented in this
> > email are solely those of the author and might not represent those
> > West Suffolk Hospital. Warning: Although we've has taken reasonable
> > precautions to ensure no viruses are present in this email, we
> > accept responsibility for any loss or damage arising from the use of
> > this email or attachments.
> To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch