[ previous ] [ next ] [ threads ]
 
 From:  "Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be>
 To:  "Dave McCammon" <davemac11 at yahoo dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] RADIUS2 image
 Date:  Mon, 5 Dec 2005 23:36:14 +0100 
If you enable radius mac authentication you also have to fill in a
shared secret. This shared secret is used for ALL radius mac
authentication requests.

For example

Clientmac = username
Radius mac shared secret = password

I opted to use an extra field for this because the implementation
differs from vendor to vendor. Some use the nas shared secret as value,
some use a specified one. So with my solution you can serve both :)

Hope this is what you wanted to know, ps try to upgrade to the version
of 5th of December (I know there's 05-Nov-2005 14:08 in the changelog
but that had to be 05-Dec-2005)

J.

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
Jonathan dot de dot graeve at imelda dot be
> -----Oorspronkelijk bericht-----
> Van: Dave McCammon [mailto:davemac11 at yahoo dot com]
> Verzonden: maandag 5 december 2005 23:19
> Aan: Jonathan De Graeve
> Onderwerp: Re: [m0n0wall] RADIUS2 image
> 
> I'm using the image from 11-28 with the MAC_AUTH.
> I'm using a cisco secure acs.
> My question is what is passed to the radius server as
> the password? I see the client mac address is passed
> as userid with colons but I get wrong passwords errors
> when trying mac address in xx:xx:xx:xx:xx:xx or
> xxxxxxxxxxxx or xxxx.xxxx.xxxx format in the user
> profile on the radius server.
> 
> thanks for your time,
> dave
> 
> --- Jonathan De Graeve <Jonathan dot De dot Graeve at imelda dot be>
> wrote:
> 
> > 05-Nov-2005 14:08 - STATUS: testing
> >         MEDIUM:
> >         * Changes in firmware upgrade cycle to do a
> > clean reboot cycle
> > after
> >         a succesfull upgrade. Active RADIUS users
> > are now logged-off
> > before
> >         rebooting.
> >         * Changes in the SVG system to support
> > Firefox 1.5 and Adobe SVG
> >         plugin
> >         * Cosmetic changes in RADIUS behaviour with
> > radiusvendor 'hp'
> > enabled.
> >
> > You all know the url :p
> >
> > J.
> >
> > --
> > Jonathan De Graeve
> > Network/System Administrator
> > Imelda vzw
> > Informatica Dienst
> > 015/50.52.98
> > jonathan dot de dot graeve at imelda dot be
> >
> > ---------
> > Always read the manual for the correct way to do
> > things because the
> > number of incorrect ways to do things is almost
> > infinite
> > ---------
> >
> >
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> > m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail:
> > m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>