[Chilli] Assign IP address to AP through radius

Ravikant Patil ravikant.4784 at gmail.com
Mon Feb 10 19:05:55 UTC 2014 

​Hi Eric​
​​


   - for e
   ​very​
   dhcp request, this will
   ​ ​
   generate a radius request BEFORE allocating IP address
   - radius
   ​ ​
   request will contain mac id as user name and macpasswd as password
   - if
   ​​
   ​radius-accept, client is logged in and do not have to go through portal
   based login.
   - If
   ​​​radius-reject, client have to go through portal login.
   - In both cases IP address is assigned after radius response
   ​ is received.​
   - macallowed list should not be needed in this setup
   ​.​
   (IMO this option is ignored by coova
   ​ ​
   chilli when macauth is present)

Thanks and Regards,
Ravikant
​​



On Mon, Feb 10, 2014 at 11:50 PM, Eric Chaves <eric at craftti.com.br> wrote:

> Hi Patil,
>
> Thanks! I'll test this tomorrow and let you know the results. Just so I
> can understand, how would this impact other devices not listed in my
> macallowed?
>
> Cheers,
>
> --
> Eric Chaves
> (11) 98139-9880
>
>
> 2014-02-10 16:15 GMT-02:00 Ravikant Patil <ravikant.4784 at gmail.com>:
>
> Hi Eric,
>>
>> I haven't tried it yet but adding following options to config file
>> probably will work.
>>
>>    - macauth                 Authenticate based on MAC address
>>    (default=off)
>>
>>
>>    - strictmacauth           Be strict about MAC Auth (no DHCP reply
>>    until we get RADIUS reply)  (default=off)
>>
>>
>> Thanks and Regards,
>> Ravikant
>>
>>
>> On Mon, Feb 10, 2014 at 8:49 PM, Eric Chaves <eric at craftti.com.br> wrote:
>>
>>> Hi Folks,
>>>
>>> The Access Points used in my hotspot environment are configured to
>>> obtain it's IP address from DHCP and I would like to have coova assigning
>>> some pre-defined values for it.
>>>
>>> I though I could do this by having the AP authenticating itself via mac
>>> address and with my radius server, so after reading the man pages and some
>>> posts on the forum I configured my environment the following way:
>>>
>>> At chilli controller, I have the following parameters in
>>> /etc/chilli/local.conf
>>>
>>> defsessiontimeout=3600
>>> defidletimeout=600
>>> definteriminterval=600
>>>  moreif=eth3
>>> dhcpstart=500
>>> macallowed=XX-XX-XX-XX-XX-XX,ZZ-ZZ-ZZ-ZZ-ZZ-ZZ
>>> macpasswd=secret-password
>>>
>>> And in my radius server I added two users named 'XX-XX-XX-XX-XX-XX' and
>>> 'ZZ-ZZ-ZZ-ZZ-ZZ' and I add a Framed-IP-Address and Framed-IP-Netmask values
>>> in radius responses for, whose value dos not overlap with the dhcpstart
>>> parameter.
>>>
>>> I've tested my setup using radtest and confirmed that the authentication
>>> is working and response contains those AVP mentioned however the AP is
>>> getting a regular address from DHCP (above dhcpstart) instead of the ones
>>> sent in the radius reply.
>>>
>>> Did I misunderstood the macallowed feature? What should I do to have it
>>> working as desired?
>>>
>>> Once again thanks for all the help so far.
>>>
>>> Cheers,
>>>
>>> Eric
>>>
>>> _______________________________________________
>>> Chilli mailing list
>>> Chilli at coova.org
>>> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20140211/d76c7469/attachment-0001.html>

More information about the Chilli mailing list