[Chilli] Assign IP address to AP through radius
Ravikant Patil
ravikant.4784 at gmail.com
Mon Feb 10 19:05:55 UTC 2014
Hi Eric
- for e
very
dhcp request, this will
generate a radius request BEFORE allocating IP address
- radius
request will contain mac id as user name and macpasswd as password
- if
radius-accept, client is logged in and do not have to go through portal
based login.
- If
radius-reject, client have to go through portal login.
- In both cases IP address is assigned after radius response
is received.
- macallowed list should not be needed in this setup
.
(IMO this option is ignored by coova
chilli when macauth is present)
Thanks and Regards,
Ravikant
On Mon, Feb 10, 2014 at 11:50 PM, Eric Chaves <eric at craftti.com.br> wrote:
> Hi Patil,
>
> Thanks! I'll test this tomorrow and let you know the results. Just so I
> can understand, how would this impact other devices not listed in my
> macallowed?
>
> Cheers,
>
> --
> Eric Chaves
> (11) 98139-9880
>
>
> 2014-02-10 16:15 GMT-02:00 Ravikant Patil <ravikant.4784 at gmail.com>:
>
> Hi Eric,
>>
>> I haven't tried it yet but adding following options to config file
>> probably will work.
>>
>> - macauth Authenticate based on MAC address
>> (default=off)
>>
>>
>> - strictmacauth Be strict about MAC Auth (no DHCP reply
>> until we get RADIUS reply) (default=off)
>>
>>
>> Thanks and Regards,
>> Ravikant
>>
>>
>> On Mon, Feb 10, 2014 at 8:49 PM, Eric Chaves <eric at craftti.com.br> wrote:
>>
>>> Hi Folks,
>>>
>>> The Access Points used in my hotspot environment are configured to
>>> obtain it's IP address from DHCP and I would like to have coova assigning
>>> some pre-defined values for it.
>>>
>>> I though I could do this by having the AP authenticating itself via mac
>>> address and with my radius server, so after reading the man pages and some
>>> posts on the forum I configured my environment the following way:
>>>
>>> At chilli controller, I have the following parameters in
>>> /etc/chilli/local.conf
>>>
>>> defsessiontimeout=3600
>>> defidletimeout=600
>>> definteriminterval=600
>>> moreif=eth3
>>> dhcpstart=500
>>> macallowed=XX-XX-XX-XX-XX-XX,ZZ-ZZ-ZZ-ZZ-ZZ-ZZ
>>> macpasswd=secret-password
>>>
>>> And in my radius server I added two users named 'XX-XX-XX-XX-XX-XX' and
>>> 'ZZ-ZZ-ZZ-ZZ-ZZ' and I add a Framed-IP-Address and Framed-IP-Netmask values
>>> in radius responses for, whose value dos not overlap with the dhcpstart
>>> parameter.
>>>
>>> I've tested my setup using radtest and confirmed that the authentication
>>> is working and response contains those AVP mentioned however the AP is
>>> getting a regular address from DHCP (above dhcpstart) instead of the ones
>>> sent in the radius reply.
>>>
>>> Did I misunderstood the macallowed feature? What should I do to have it
>>> working as desired?
>>>
>>> Once again thanks for all the help so far.
>>>
>>> Cheers,
>>>
>>> Eric
>>>
>>> _______________________________________________
>>> Chilli mailing list
>>> Chilli at coova.org
>>> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20140211/d76c7469/attachment-0001.html>
More information about the Chilli
mailing list