Hi.
I have enabled the macauth option in coovachilli, but it is being ignored, the only way to make it work it is also enabling the macallowed option and introduce manually the specific mac addresses of client devices.
I'm using the router in a public space, we don't have the way to previously know the mac address of all the visitors.
How i could put this to work?
this is and example of my config
tundev="tun0"
interval="3600"
net="192.168.182.0/24"
dynip="192.168.182.0/24"
dns1="8.8.8.8"
dns2="8.8.4.4"
ipup="/etc/chilli/up.sh"
ipdown="/etc/chilli/down.sh"
radiusserver1="radius1"
radiusserver2="radius2"
radiussecret="rsecret"
radiusnasid="nas"
dhcpif="br-lan"
lease="600"
uamserver="myexternal url"
uamsecret="secret"
uamallowed="allowed ip"
macallowed="HERE I NEED TO HAVE MY MAC ADDRESS"
macpasswd="password"
macsuffix="suffix"```
This configuration is rendered at the moment of starting chilli.
Any help would be much appreciated.
Thanks!
Will only work, in case you have the alload MACs configured beforehand.
I fetch the MAC of new client during first login providing pwd/email.
Then MAC entered into RADIUS DB.
Adding the mac to the radius db it's not a problem, the problem is letting know the coovachilli in each device to mac authenticate such mac, i want covachilli to try authenticate all the users based on mac without the need to introduce each mac manually to the chilli conf.
Then you just allow every MAC. Can be done with proper RADIUS config. Simply using "wildcard" MAC in the restrictions.
However, then I am asking, why you want to do any auth, cause everybodies MAC is allowed.
You should give more info about your usage case.
I think i wasn't clear at all.
Everytime a user sign into the wifi network i need coovachilli to send an access request to the radius (even before showing the captive portal to user) , my radius will check if this mac already have an active session and in such case, it will answer with an access accept, in case there's no active session , it responds with access reject and then the captive portal is displayed to the user (the sessions are 60min and we want to achieve this for roaming purposes)
Our radius is ready for this case, the problem is to achieve coovachilli send an auth request at the moment the user sign into the ssid we need to enable the macauth option, but chilli is not sending the request unless we also enable the macallowed and manually introduce the mac address of the devices.
I hope this makes more clear my problem
I understand, user first has to login via "standard" CP. In case, user roams to other AP, users MAC (during valid session duration) should be used to avoid new login.
This is not coovas business. You need to use macauth, BUT the real work to be done on RADIUS.
So the title of this topic is not correct. And the topic itself has nothing to do with openwrt itself.
For professional assistance, you can email me on augustus_meyerAT yahooDOTde