CREDENTIAL RULES in Control Panel with physical address

Discussion for beta versions of WinGate

CREDENTIAL RULES in Control Panel with physical address

Postby sigih. » Dec 30 11 5:04 am

Hello all,

I can't create a credential rules based on "Physical address".
I checked all possible "Matches" like:
12:34:56:78:90:ab
12.34...
12,34,,,
12 34 ...

No chance to see an assumed user under "activity" with the username.
Has someone an example who does it work ?
Do I forget anything ?
I use Wingate 7.0.6

greetz
sigih.
You do not have the required permissions to view the files attached to this post.
sigih.
 
Posts: 46
Joined: May 19 09 8:43 pm
Location: Telfs / Austria ... middle of the Alps ...

Re: CREDENTIAL RULES in Control Panel with physical address

Postby sawi » Dec 30 11 7:22 am

maybe you can try enter the MAC Address without the ":"
example : 77 B2 55 66 12 5T
sawi
Senior Member
 
Posts: 129
Joined: Mar 26 09 4:49 pm

Re: CREDENTIAL RULES in Control Panel with physical address

Postby sigih. » Dec 31 11 1:06 am

Did it !

With spaces and upper capital letters - 21 AB 58 ...

But now I have in the DHCP / STATUS always ORDERED (?!) and and not IN USE the client gets no IP.

For now I'll deactivate the credential rules ... think there are a few inconsistencies in the parameterization of the DHCP.

I use the DHCP for my WLAN's. The AP of the WLAN's makes the connection via WPA2-PSK and Wingate with the DHCP service gives me the IP's for the clients.
I use D-Link DWL2100AP (2x) and DAP1353 - all work great also in WDS + AP Mode ... before wingate makes the DHCP I had a DHCP server on each of my three AP's.
Now it's much easier to configure and administrate ... but still not perfect.

greetz
sigih.
sigih.
 
Posts: 46
Joined: May 19 09 8:43 pm
Location: Telfs / Austria ... middle of the Alps ...

Re: CREDENTIAL RULES in Control Panel with physical address

Postby adrien » Dec 31 11 7:36 am

Hi

the MAC address shouldn't be case-sensitive

as for the DHCP status, it should read "Offered", which means the client made a discovery request, and WinGate made an offer, but the client didn't make a final request back accepting the offer.

Do these clients seem to work? Do they show network settings? E.g. if you type "ipconfig /all" from a command prompt from these clients do they show an IP address and DHCP server?

Regards

Adrien
adrien
Qbik Staff
 
Posts: 5217
Joined: Sep 03 03 2:54 pm
Location: Auckland

Re: CREDENTIAL RULES in Control Panel with physical address

Postby sigih. » Jan 01 12 1:47 am

Sorry !
I mean OFFERED - I forget to define the DNS Server now DHCP works great ... but the story continues ...

Theres a problem to get the complete information I need in the Activity tap:

I make a rule like this ... see attachment
Should be correct !
Then look to the "DHCP" tap ... seems to work ?!
And now in the "Activity" tap - no assumed user is shown only UNKNOWN ?

Do I have a wrong definition anywhere or whats else ?
Does anyone know a workaround or a solution ?

greetz
sigih.
You do not have the required permissions to view the files attached to this post.
sigih.
 
Posts: 46
Joined: May 19 09 8:43 pm
Location: Telfs / Austria ... middle of the Alps ...

Re: CREDENTIAL RULES in Control Panel with physical address

Postby adrien » Jan 05 12 9:27 am

Hi

we've had another recent report of issues with credential rules using MAC addresses, so I need to take another look at the code.

In general, we always obtain the peer IP address from any connection, since no TCP/IP comms works without it.

From that, the MAC is either looked up if it's a known DHCP client, or looked up in the host OS ARP table. So it's an extra few steps to try to obtain the MAC address. If there's a router between the client and WinGate, there's no way to get the client MAC from the system ARP table.

Computername is even worse. It's only available if the client used DHCP and reported a hostname in the DHCP request (Macs don't). Or if running the WinGate client.

So in general it's more reliable to set credential rules by IP than any other way.

Regards

Adrien
adrien
Qbik Staff
 
Posts: 5217
Joined: Sep 03 03 2:54 pm
Location: Auckland


Return to WinGate Beta

Who is online

Users browsing this forum: No registered users and 1 guest

cron