Powered by Jitbit .Net Forum free trial version. dismiss

HomeGeneral

General issues

Using other request attribute as username Messages in this topic - RSS

teedee
teedee
Posts: 1


2.04.2020
teedee
teedee
Posts: 1
Hi Yasin,

we'd like to authenticate a user based on the port he's coming from instead of his actual MAC address.
(DHCP Option 82 using the Agent-Circuit-Id)

Is it possible to rewrite or change request attributes (especially the username = ietf|1) during authentication?

The MikroTik equipment we are using does always send the MAC address as username (which is fine in general)
but in our case in addition the attribute Agent-Circuit-ID (they use Vendor redback, Attribute-ID 97):

User-Name = 64:d1:54:99:18:0d
NAS-IP-Address = 192.168.1.2
Agent-Circuit-Id = p2-as-02 eth 0/22:100

We tried something like...

Select Attribute, Val from Users where UserName=iif('%redback|97%' != '', '%redback|97%', '%ietf|1%') and AttrType=0

...as custom authentication query.

Using SQL Profiler we noticed that TekRADIUS doesn't seem to parse the Vendor attribute in the query.
Also TekRADIUS fires a couple of other queries that contain the original username (MAC).

Do you have any hints for us if or how we can accomplish this?

Thanks and kind regards,
Teedee.


PS: 2352/redback seems to be renamed ericsson-ab by now - tried that as well...
0 link
Admin
Admin
Administrator
Posts: 5028


2.04.2020
Admin
Admin
Administrator
Posts: 5028
Hi,

Please apply update at https://www.kaplansoft.com/tekradius/release/TekRADIUS-Update.zip (or https://www.kaplansoft.com/tekradius/release/TekRADIUSLT-Update.zip if you have installed TekRADIUS LT) and try with

Select Attribute, Val from Users where UserName=iif('%ericsson-ab|97%' != '', '%ericsson-ab|97%', '%ietf|1%') and AttrType=0


again.


Best regards,


Yasin KAPLAN
0 link






Powered by Jitbit Forum 8.3.8.0 © 2006-2013 Jitbit Software