Mac authentication for wireless user(local+radius)

Created Dec 25, 2018 19:06:22Latest reply Dec 29, 2018 16:29:05 134 5 8 0


191142x5xiib7fib0b9bx0.png



1. Wireless user sends the association request, AC receives the association request

2.AC departure local MAC authentication

3.Wireless user obtain ip address


191148c82u5b6fb8uf3yyf.png


1. Wireless user sends the association request, AC receives the association request

2.AC send radius request to server

3.Wireless user obtain ip address

This post was last edited by littlestone at 2018-12-25 19:12.
  • x
  • convention:

yiyi0519  Novice   Created Dec 26, 2018 08:45:51 Helpful(0) Helpful(0)

If you use local authentication, does that mean that the user account needs to be created on the AC? Can AC synchronize user account information with other servers?
  • x
  • convention:

yechao99     Created Dec 29, 2018 09:56:04 Helpful(0) Helpful(0)

MAC address: The device uses a user's MAC address as the user name for authentication. The device can also use the MAC address or a user-defined character string as the user password.
•Fixed user name: Regardless of users' MAC addresses, all users use a fixed name and password designated on the access device for authentication. As multiple users can be authenticated on the same interface, all users requiring MAC address authentication on the interface use the same fixed user name. The server only needs to configure one user account to meet the authentication demands of all users. This applies to a network environment with reliable clients.
•DHCP option: The device replaces a user's MAC address with the obtained user DHCP option and a fixed password as identity information for authentication. In this mode, the device must support MAC authentication triggering through DHCP packets.
  • x
  • convention:

Finn92  Novice   Created Dec 29, 2018 11:05:44 Helpful(0) Helpful(0)

hello author , it's good sharing for the progress of authentication , if there is more configuration share , it's very helpful .
  • x
  • convention:

SupperRobin  Novice   Created Dec 29, 2018 11:12:36 Helpful(0) Helpful(0)

Password Authentication Protocol (PAP) is a two-way handshake authentication protocol. It transmits passwords in plain text format in RADIUS packets.

Challenge Handshake Authentication Protocol (CHAP) is a three-way handshake authentication protocol. It transmits only user names using RADIUS packets, but does not transmit passwords. CHAP is more secure and reliable than PAP. If high security is required, CHAP is recommended.
  • x
  • convention:

Torrent     Created Dec 29, 2018 16:29:05 Helpful(0) Helpful(0)

The device uses a user's MAC address as the user name for authentication. The device can also use the MAC address or a user-defined character string as the user password.
•Fixed user name: Regardless of users' MAC addresses, all users use a fixed name and password designated on the access device for authentication. As multiple users can be authenticated on the same interface, all users requiring MAC address authentication on the interface use the same fixed user name. The server only needs to configure one user account to meet the authentication demands of all users. This applies to a network environment with reliable clients.

thanks for sharing, we learned a lot
  • x
  • convention:

Responses

Reply
You need to log in to reply to the post Login | Register

Notice:To ensure the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but not limited to politically sensitive content, content concerning pornography, gambling, drug abuse and trafficking, content that may disclose or infringe upon others' intellectual properties, including commercial secrets, trade marks, copyrights, and patents, and personal privacy. Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see“ Privacy Policy.”
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Fast reply Scroll to top