Has anyone managed to do this? I would like to let traffic only authenticated MAC addresses through Radius server.
I tried to use the MAC to authentication, but no success. Most cases was because the devices need to send a login and then override the attribute User-Name.
That clients I tested were Ipad 2 (iOS 9.3.5), Phone (Android 7.1.2), Windows 8.1 and Arch Linux (using Network Manager). Only Android accepted to not send a login, but disconnect after try to connect on AP (RB951Ui).
My backend was FreeRadius with MariaDB (SQL), also I tried with only file and no success too.
Config on security profiles:
>General
Auth-Type: WPA2-EAP
Cipher: AES-CCM
>Radius
MAC-Auth: yes
MAC-Account: yes
EAP-Account: no
MAC-Mode: as username
>EAP
EAP-Methods: passthrough
TLS-Mode: no certificates
TLS-Cert: none
Edit:
ROS 6 supports only 802.1X on wireless, they not give support to 802.1X in ethernet ports.
Is there any chance to support 802.1x and VLAN assignment in Router OS?