› Forums › Network Management › RADIUS 802.1x and Captive Portal › Radius MAC authentication (not working as expected)
- This topic is empty.
-
AuthorPosts
-
July 24, 2014 at 11:53 am #43996
jstrebel
MemberHello,
up to now I have not managed to make MAC Address authentication to work as I whish. The used AP’s have a function which is called “Radius MAC authentication”.Setup:
Two AP’s are connected to ZEROSHELL with Radius authentication enabled. This AP’s have a Captive Portal function where users need to enter name and password.I login successfully at the first AP. Then I move to the second AP, the system asks me again to enter name and password. I expect that I do not to login again. But I need to enter name and password again. After this I can move back and forward without reauthentication.
This the Radius request from the first AP I see in ZS:
Called-Station-Id = “00:0d:b9:33:b3:fd”
Calling-Station-Id = “10:40:f3:b8:c4:d8”This the Radius request from the second AP I see in ZS:
Called-Station-Id = “00:00:24:cf:bc:c9”
Calling-Station-Id = “10:40:f3:b8:c4:d8”What do I need to change (configure) in ZS to enable that users need only to authenticate once, and then they get access on all AP’s which are connected to the same ZS?
Thank you for your help in advance JakobAugust 4, 2014 at 7:56 am #53394jstrebel
MemberHi, I spent more hours to find the root cause, no success.
I have attached a log file. In this log file I see that the Radius Server does not recognize the MAC address which I expect to be recognized as “User”
User-Name = “ac:cf:5c:be:45:98”
I have also tried to change DEFAULT Simultaneous user to 2 in /raddb/user file without success.Thank you for your help. Jakob
Link to the Log file: http://goo.gl/8xQpVLSeptember 22, 2014 at 7:05 pm #53395imported_fulvio
ParticipantOn my opinion the RADIUS server works correctly. The issue is that the captive portal working on the access points are not communicating with each other the authentication result. Any AP works standalone. Instead you should use e Wireless LAN Controller that coordinates your AP activities. In alternative you can use the captive portal of Zeroshell instead of the captive portal embedded in the AP.
Regards
Fulvio -
AuthorPosts
- You must be logged in to reply to this topic.