From owner-freebsd-questions Fri Sep 8 17: 3: 1 2000 Delivered-To: freebsd-questions@freebsd.org Received: from gluttony.henshaw.net (gluttony.henshaw.net [63.70.222.4]) by hub.freebsd.org (Postfix) with SMTP id 8203137B440 for ; Fri, 8 Sep 2000 17:02:32 -0700 (PDT) Received: (qmail 18944 invoked from network); 9 Sep 2000 00:02:29 -0000 Received: from dhcp-64-58-25-247.henshaw.net (HELO ben.henshaw.net) (64.58.25.247) by gluttony.henshaw.net with SMTP; 9 Sep 2000 00:02:29 -0000 Message-Id: <4.3.2.7.2.20000908174646.03505220@pop.henshaw.net> X-Sender: (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Fri, 08 Sep 2000 18:02:28 -0600 To: freebsd-questions@freebsd.org From: Ben Schumacher Subject: RADIUS Authentication via MAC Addresses Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello- I'm working on a new project for my company and was wondering if anybody could give me insight on how I might do RADIUS authentication via MAC addresses. We're looking to provide broadband internet access to entire buildings, but would prefer to do some sort of authentication scheme other than PPPoE (which creates headaches when you're trying to set it up on client boxes). One of the ideas that came to mind was authentication through MAC addresses. Since we're already using RADIUS for our dialup authenticaiton, it seemed like a good solution to tie this system into that as well. Does anybody have any ideas on how this could be accomplished on a FreeBSD platform. The idea is that when people bring up their machines, the router would verify their MAC address and if it isn't authenticated, it would drop packets to/from their box. The only solution I've come up with so far is a rather complicated kludge involving the ARP tables and ipfw rules. While this would likely work, I would prefer to do something more solid, even if it involves some hacking in the FreeBSD kernel. I open to any suggestions, so please feel free to toss out whatever you can think of. Thank you, - Ben Schumacher To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message