Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
MAC Authentication via RADIUS
« previous
next »
Print
Pages: [
1
]
Author
Topic: MAC Authentication via RADIUS (Read 7613 times)
BrianW
Newbie
Posts: 12
Karma: 2
MAC Authentication via RADIUS
«
on:
January 21, 2019, 09:24:30 pm »
I am running OPNsense 18.7.10-amd64.
I would like to authenticate users with MAC address via RADIUS or roll to a capture page if not authenticated.
Can this be done with OPNsense? Can someone point me in the right direction?
Thanks,
Brian
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: MAC Authentication via RADIUS
«
Reply #1 on:
January 22, 2019, 06:03:24 am »
Username and password have to be the Mac address
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
BrianW
Newbie
Posts: 12
Karma: 2
Re: MAC Authentication via RADIUS
«
Reply #2 on:
January 22, 2019, 04:27:52 pm »
Thanks. I've gotten this far. If I use the default captive portal, I can key in the MAC address in the username field and it authenticates, but I do not want users to see this screen if their device has previously been authenticated.
Ideally, an authenticated device gets immediate Internet access. They should never see the captive portal. If it is not authenticated, they are redirected to my website where they can purchase service or authenticate with an activation code provided when they purchased service. This adds their MAC address to the RADIUS server.
Thanks,
Brian
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: MAC Authentication via RADIUS
«
Reply #3 on:
January 22, 2019, 04:52:14 pm »
Mac via Radius is 802.1x which is different to CP auth where you can exclude Mac via a list
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
BrianW
Newbie
Posts: 12
Karma: 2
Re: MAC Authentication via RADIUS
«
Reply #4 on:
January 22, 2019, 08:57:30 pm »
Thank you.
What I would like to happen is for OPNsense to check my RADIUS server with the MAC address of the device.
If not authenticated, redirect to our portal for sign up / activation.
I can use CP to redirect to our portal, but how do I tell OPNsense to check our RADIUS server first before invoking the CP.
Thanks,
Brian
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: MAC Authentication via RADIUS
«
Reply #5 on:
January 22, 2019, 09:50:00 pm »
Mac based auth (802.1X) is in theory the same as mac whitelist via CP.
Why don't you just set up CP and whitelist known mac addresses? Where is the difference to Radius?
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
BrianW
Newbie
Posts: 12
Karma: 2
Re: MAC Authentication via RADIUS
«
Reply #6 on:
January 22, 2019, 10:36:29 pm »
That may work...
Thank you for your assistance.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
MAC Authentication via RADIUS