[ previous ] [ next ] [ threads ]
 From:  "Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be>
 To:  "Peter Parnican" <monowallboy at gmail dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] 1.21 - Captive Portal - Pass-through MAC
 Date:  Sat, 21 Jan 2006 12:58:08 +0100
> Hi,
> thx. for reply but that is not i wanted to read :)   ...actually, its
> going
> to be problem replace all my 24 wifi clients... Probaly i'll use
> combinations pass throught MAC and allowed IP until this problem will
> solved :(

I don't think this problem will be resolved. I explicitly programmed
this behaviour to workaround a possible problem that could arise when
the m0n0box is unable to get the mac of the client. In this case mac
authentication should NEVER happen since you don't know which user you
are authenticating)

I also wrote this in the GUI:

Disable MAC filtering
If this option is set, no attempts will be made to ensure that the MAC
address of clients stays the same while they're logged in. This is
required when the MAC address of the client cannot be determined
(usually because there are routers between m0n0wall and the clients). If
this is enabled, RADIUS MAC authentication cannot be used.

You're asking it like this (different situation):

I have 2 AP: A and B with mac authentication enabled.

If client connects to B, I want A to mac authenticate the client before
allowing it access to B. This is impossible ;)

> But if this is not going to be supported funcionality its better to
> this field from CP settings page. Or just put there short
> work in progress...

> Thanks to all of u for your help with this issue and I hope this
> funcionality will be fixed in next release.
Probably not since its not an issue, it was designed this way, I will
think about it. If somebody can give me a good reason, but actually I'm
surprised that Pass-Through MAC is allowed when you enable the "disable
mac filtering" feature :)))