Freeradius switch mac authentication bypass

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen

Simple Konfig

  • cat /etc/freeradius/clients.conf
client localhost {
 ipaddr = 127.0.0.1
 secret = sysadm
 require_message_authenticator = no
 nastype = other
}
client lan-clients {
 ipaddr = 192.168.240.0
 netmask = 21
 secret = sysadm
 require_message_authenticator = no
 nastype = other
}
  • cat /etc/freeradius/users
60eb69962da5  Cleartext-Password := "60eb69962da5"
485b39ad8af3  Cleartext-Password := "485b39ad8af3"
0800274d3bae  Cleartext-Password := "0800274d3bae"
0016d32ebb2e  Cleartext-Password := "0016d32ebb2e"


xinux  Cleartext-Password := "suxer"
rudi  Cleartext-Password  := "wiggel"

DEFAULT	Framed-Protocol == PPP
	Framed-Protocol = PPP,
	Framed-Compression = Van-Jacobson-TCP-IP

DEFAULT	Hint == "CSLIP"
	Framed-Protocol = SLIP,
	Framed-Compression = Van-Jacobson-TCP-IP

DEFAULT	Hint == "SLIP"
	Framed-Protocol = SLIP

Test

  • radtest -x xinux suxer 192.168.244.129 1812 sysadm
Sending Access-Request of id 73 to 192.168.244.129 port 1812

User-Name = "xinux" User-Password = "suxer" NAS-IP-Address = 192.168.244.129 NAS-Port = 1812 Message-Authenticator = 0x00000000000000000000000000000000 

rad_recv: Access-Accept packet from host 192.168.244.129 port 1812, id=73, length=20
Abgerufen von „http://wiki.ixheim.de/index.php?title=Freeradius_switch_mac_authentication_bypass&oldid=9161