freeradius中的MAC身份验证失败

Question

I follow this Plain MAC-Auth setup guide to configure the freeradius (version 2.2.5), in order to carry out MAC Authentication. However, MAC authentication is failed with the following log message

rad_recv: Access-Request packet from host 192.168.0.7 port 59966, id=9, length=79
NAS-IP-Address = 192.168.0.7
User-Name = "34:76:C5:57:0F:A3"
User-Password = "34:76:C5:57:0F:A3"
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+group authorize {
++[preprocess] = ok
++policy rewrite.calling_station_id {
+++? if ((Calling-Station-Id) && "%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i)
?? Evaluating (Calling-Station-Id) -> FALSE
? Skipping ("%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i)
+++? if ((Calling-Station-Id) && "%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i) -> FALSE
+++else else {
++++[noop] = noop
+++} # else else = noop
++} # policy rewrite.calling_station_id = noop
[authorized_macs]   expand: %{Calling-Station-Id} -> 
++[authorized_macs] = noop
++? if (!ok)
? Evaluating !(ok) -> TRUE
++? if (!ok) -> TRUE
++if (!ok) {
+++[reject] = reject
++} # if (!ok) = reject
+} # group authorize = reject
Using Post-Auth-Type REJECT
  WARNING: Unknown value specified for Post-Auth-Type.  Cannot perform requested action.
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 9 to 192.168.0.7 port 59966
Waking up in 4.9 seconds.
Cleaning up request 0 ID 9 with timestamp +30
Ready to process requests.

From the above log, the problem seems to be unable to get the "Calling-Station-Id" value. Is this a freeradius configuration problem? And anyone know how to solve it?

Answer 1

on the account section of the radius config add

update request {
            Called-Station-Id += &NAS-Port-Id
    }

and in the post-auth section add

update reply {
            Called-Station-Id += &NAS-Port-Id
    }