View previous topic :: View next topic |
Author |
Message |
minhkhoa
Joined: 05 Jul 2004 Posts: 2
|
Posted: Mon Jul 05, 2004 5:03 am Post subject: Physical MAC Authentication |
|
|
I want to implement MAC Authentication as a method to authentication users. Instead of using username and password to authentication. I want to create an account base on MAC address and password in a Radius server. Everytime a user login, the script looks up user physical MAC address and prompt the user for the password.
Let me know if this feature is supported by your software. If not, can your firm add this feature.
Thank you,
KHoa |
|
Back to top |
|
|
alan Forum facilitator
Joined: 26 Sep 2003 Posts: 4435
|
Posted: Tue Jul 06, 2004 7:14 am Post subject: |
|
|
FirstSpot v2.1 (current version) does not have this feature.
In the coming version v3.0, we will support RADIUS server. Regarding the MAC address feature you described, we are thinking about including it.
Our plan is to add an option like "Use client MAC address as FirstSpot username", and then you need to create a RADIUS user with the client MAC address as the value of the RADIUS User-Name attribute. In terms of user experience, the client will see the web-based login page (i.e. captive portal) as usual, except the username field (i.e. MAC address) will be already filled in by FirstSpot.
Please comment on this implementation. _________________ ~ Patronsoft Limited ~ |
|
Back to top |
|
|
minhkhoa
Joined: 05 Jul 2004 Posts: 2
|
Posted: Tue Jul 06, 2004 9:00 pm Post subject: Thank you for the quick respond |
|
|
That is exactly what I would like to see. However, can you allow administrator to have an option to authenticate three values instead of two: User name, MAC address, and password. The MAC address will be hidden in this process. ALso please verify this will support freeradius from freeradius.org. When do you think this release will be available.
Thank you,
Khoa |
|
Back to top |
|
|
alan Forum facilitator
Joined: 26 Sep 2003 Posts: 4435
|
Posted: Wed Jul 07, 2004 3:11 am Post subject: |
|
|
FirstSpot RADIUS packet will include the following attributes:
- User-Name
- Password
- Calling-Station-Id (i.e. MAC address of the client)
- Called-Station-Id (i.e. FirstSpot MAC address of Private Network Interface - the Network card that connects to the Hotspot)
- NAS-IP-Address (can be changed in FirstSpot Configuration Manager ,default will be Private Network Interface IP)
- NAS-Identifier (can be changed in FirstSpot Configuration Manager)
Our specification is this, there will be 2 modes of RADIUS authentication in FirstSpot.
1) Use client MAC address as FirstSpot username:
FirstSpot (i.e. RADIUS client) will send 3 fields (User-Name, Calling-Station-Id, Password) to ask for access request to the RADIUS server. In this case, the User-Name and Calling-Station-Id will be the same (i.e. MAC address)
2) Normal (NOT use client MAC address as FirstSpot username):
Same as mode 1), except that User-Name and Calling-Station-Id will be different this time around.
As for FreeRADIUS support, we will include it in our test plan. Let's see how it goes and hopefully we can certify FreeRADIUS in the first release of v3.0. _________________ ~ Patronsoft Limited ~ |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|
Powered by phpBB © 2001, 2005 phpBB Group
| |