[ previous ] [ next ] [ threads ]
 
 From:  "Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be>
 To:  "Thibodeau, Dale" <dthibode at uwc dot edu>, "m0n0wall" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Captive Portal RADIUS authentication missing fields
 Date:  Wed, 19 Oct 2005 19:46:10 +0200
What is where in the fields is a big discussion and certainly they can't
say that this is wrong or not. It's a choice

Actually you can do with it what you want because RFC doesn't says this.

If you want Calling-Station-Id to be a mac address, just remove the
<radiusvendor>cisco</radiusvendor> configuration parameter from your
config.

The parameter is there for Cisco AAA compatibility which needs an IP in
the Calling-Station-Id and a Mac in the Called-Station-Id (this is what
various people told me)

Also what is gonna be the mac-address of the NAS?

Should it be the mac of the wan side or the mac of the lan side? This
depends on your situation and what you want...

So default behaviour: Client(Supplicant as you say it) Mac as
Calling-Station-Id and NO Called-Station-Id 

Cisco behaviour: Client IP as Calling-Station-Id and Client Mac as
Called-Station-id

J.

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
Jonathan dot de dot graeve at imelda dot be

-----Oorspronkelijk bericht-----
Van: Thibodeau, Dale [mailto:dthibode at uwc dot edu] 
Verzonden: woensdag 19 oktober 2005 19:34
Aan: m0n0wall
Onderwerp: RE: [m0n0wall] Captive Portal RADIUS authentication missing
fields

Jonathan, I've been working with some HP techs and they checked out my
IAS logs.  They said the data in the log entries are mixed up and in the
wrong fields.

They should look like the following
Calling station ID: supplicants mac address
Called station id: wap mac address

How does this match up with what you coded?

Thanks,

dale

-----Original Message-----
From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be] 
Sent: Wednesday, October 19, 2005 4:50 AM
To: Thibodeau, Dale; m0n0wall
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Captive Portal RADIUS authentication missing
fields

I just tested the code out:

rad_recv: Access-Request packet from host 194.8.52.38:1716, id=152,
length=67
        User-Name = "jonathan"
        User-Password = "foobar"
        Calling-Station-Id = "00:40:96:a8:35:3f"


So it definitely works

J.

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
jonathan dot de dot graeve at imelda dot be

---------
Always read the manual for the correct way to do things because the
number of incorrect ways to do things is almost infinite
---------



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch