SearchSearch   ProfileProfile   Log inLog in   RegisterRegister 

Physical MAC Authentication

 
Post new topic   Reply to topic    FirstSpot Forum Index -> Pre-sales Support Forum
View previous topic :: View next topic  
Author Message
minhkhoa



Joined: 05 Jul 2004
Posts: 2
PostPosted: Mon Jul 05, 2004 5:03 am    
Post subject: Physical MAC Authentication
I want to implement MAC Authentication as a method to authentication users. Instead of using username and password to authentication. I want to create an account base on MAC address and password in a Radius server. Everytime a user login, the script looks up user physical MAC address and prompt the user for the password.

Let me know if this feature is supported by your software. If not, can your firm add this feature.

Thank you,


KHoa
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435
PostPosted: Tue Jul 06, 2004 7:14 am    
Post subject:
FirstSpot v2.1 (current version) does not have this feature.

In the coming version v3.0, we will support RADIUS server. Regarding the MAC address feature you described, we are thinking about including it.

Our plan is to add an option like "Use client MAC address as FirstSpot username", and then you need to create a RADIUS user with the client MAC address as the value of the RADIUS User-Name attribute. In terms of user experience, the client will see the web-based login page (i.e. captive portal) as usual, except the username field (i.e. MAC address) will be already filled in by FirstSpot.

Please comment on this implementation.
_________________
~ Patronsoft Limited ~
Back to top
minhkhoa



Joined: 05 Jul 2004
Posts: 2
PostPosted: Tue Jul 06, 2004 9:00 pm    
Post subject: Thank you for the quick respond
That is exactly what I would like to see. However, can you allow administrator to have an option to authenticate three values instead of two: User name, MAC address, and password. The MAC address will be hidden in this process. ALso please verify this will support freeradius from freeradius.org. When do you think this release will be available.

Thank you,

Khoa
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435
PostPosted: Wed Jul 07, 2004 3:11 am    
Post subject:
FirstSpot RADIUS packet will include the following attributes:
- User-Name
- Password
- Calling-Station-Id (i.e. MAC address of the client)
- Called-Station-Id (i.e. FirstSpot MAC address of Private Network Interface - the Network card that connects to the Hotspot)
- NAS-IP-Address (can be changed in FirstSpot Configuration Manager ,default will be Private Network Interface IP)
- NAS-Identifier (can be changed in FirstSpot Configuration Manager)

Our specification is this, there will be 2 modes of RADIUS authentication in FirstSpot.

1) Use client MAC address as FirstSpot username:
FirstSpot (i.e. RADIUS client) will send 3 fields (User-Name, Calling-Station-Id, Password) to ask for access request to the RADIUS server. In this case, the User-Name and Calling-Station-Id will be the same (i.e. MAC address)

2) Normal (NOT use client MAC address as FirstSpot username):
Same as mode 1), except that User-Name and Calling-Station-Id will be different this time around.

As for FreeRADIUS support, we will include it in our test plan. Let's see how it goes and hopefully we can certify FreeRADIUS in the first release of v3.0.
_________________
~ Patronsoft Limited ~
Back to top
Display posts from previous:   
Post new topic   Reply to topic    FirstSpot Forum Index -> Pre-sales Support Forum All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group


 
© 2001-2024 Patronsoft Ltd. All rights reserved. ::::: End Users Agreement ::::: Contact Us ::::: Site Map :::::