Community discussions

 
Spartacus
Member Candidate
Member Candidate
Topic Author
Posts: 123
Joined: Thu Apr 19, 2018 6:38 pm

MAC auth with dynamic VLAn assignment

Tue Oct 22, 2019 12:22 pm

Hi everybody,
I have insatlled a RADIUS server and running MAC authentification with dynamic VLAN assignment on my Cisco Switch for the wired clients. This works pretty good. Username and password is the MAC addess of the cclient and the response ffrom RADIUS is the VLAN which is assigned to the client independent from the switch port. The Cisco switch is uplinked to the RB 3011 Router which provides the VLANs

Now I wanted to add a similar service for my WLAN clients. I have installed 4 cAP ACs, managed by CAPSMAN on RB3011. All cAPs are wired to the Cisco SG350x.

Does anybody know, if this is possible and how I can manage this on CAPSMAN? I wanted to use only one SSID for all VLANs. WLAN-Clients should have been registered in the same FreeRadius Database as the wired clients.

I found a workaround with WPA2EAp and passthrough, but this Service requires to enter password and username on the Client (e.g. Android) when WLAN connection is established. This is not very useful to enter MAC-Address for credentials

Regards,
Christian
 
Spartacus
Member Candidate
Member Candidate
Topic Author
Posts: 123
Joined: Thu Apr 19, 2018 6:38 pm

Re: MAC auth with dynamic VLAn assignment

Wed Oct 23, 2019 11:10 pm

Hi,
nobody an idea, if this works, or how to configure?
Spartacus
 
anav
Forum Guru
Forum Guru
Posts: 3100
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: MAC auth with dynamic VLAn assignment

Thu Oct 24, 2019 7:37 pm

I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
Spartacus
Member Candidate
Member Candidate
Topic Author
Posts: 123
Joined: Thu Apr 19, 2018 6:38 pm

Re: MAC auth with dynamic VLAn assignment

Wed Oct 30, 2019 10:26 pm

Hi anav,
thanks for reply,
Now it works with Freeradius and mysql-DB. WLAN-Client authenticates with its MAC-Address and receives the desired VLAN. I use a single SSID for all VLANs with multiple cAPs, managed via CAPSMAN.
Spartacus
 
lfoerster
just joined
Posts: 3
Joined: Sun Nov 10, 2019 1:00 pm

Re: MAC auth with dynamic VLAn assignment

Sun Nov 10, 2019 1:08 pm

An excellent documentation regarding this issue can be found here:
https://administrator.de/wissen/dynamische-vlan-zuweisung-wlan-u-lan-clients-mikrotik-512768.html
Guess its based on one of your posts there..?! :)
 
Spartacus
Member Candidate
Member Candidate
Topic Author
Posts: 123
Joined: Thu Apr 19, 2018 6:38 pm

Re: MAC auth with dynamic VLAn assignment

Sun Nov 10, 2019 5:43 pm

Hi,
thanks but I know this Tutorial very well! :-)
Christian

Who is online

Users browsing this forum: No registered users and 19 guests