mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-23 07:22:33 +00:00
98d91e4d5e
This patch allows the user to set `auth_server` and related settings on non WPA2 Enterprise AP modes in `/etc/config/wireless`, too, so the Radius Attributes for Dynamic VLAN Assignment can be fetched from Radius. Without this patch, `auth_server` and other needed options are only written to `hostapd-phy<n>.conf` when `option encryption wpa2` is set. `hostapd` however supports "Station MAC address -based authentication" for non WPA Enterprise Modes, too. A classic approch is to use `accept_mac_file` which contains MAC addr and VLAN-ID pairs. But, using `accept_mac_file` does not support VLAN assignment for unknown stations. This is a sample `freeradius3` config, where a known station ("7e:a6:a7:2a:93:d2") is assigned to VLAN `65` and unknown stations are assigned to VLAN `67`. ``` "7ea6a72a93d2" Cleartext-Password := "7ea6a72a93d2" Tunnel-Type = "VLAN", Tunnel-Medium-Type = "IEEE-802", Tunnel-Private-Group-Id = 65 DEFAULT Cleartext-Password := "%{User-Name}" Tunnel-Type = "VLAN", Tunnel-Medium-Type = "IEEE-802", Tunnel-Private-Group-Id = 67 ``` Other option is to configure known stations via `accept_mac_file` and using only Radius for unknown stations. I tested this patch only with `wpa_key_mgmt=WPA-PSK`, and assumed that it should work with other Encryption/Access Mode, too. Signed-off-by: Bernd Naumann <bernd.naumann@kr217.de> |
||
---|---|---|
.. | ||
dhcp-get-server.sh | ||
hostapd-basic.config | ||
hostapd-full.config | ||
hostapd-mini.config | ||
hostapd.sh | ||
multicall.c | ||
wpa_supplicant-basic.config | ||
wpa_supplicant-full.config | ||
wpa_supplicant-mini.config | ||
wpa_supplicant-p2p.config | ||
wpad_acl.json | ||
wpad.init | ||
wpad.json | ||
wps-hotplug.sh |