From owner-freebsd-current@FreeBSD.ORG  Thu Jun 24 17:58:05 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 206F716A4CE
	for <current@freebsd.org>; Thu, 24 Jun 2004 17:58:05 +0000 (GMT)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 1668543D53; Thu, 24 Jun 2004 17:58:05 +0000 (GMT)
	(envelope-from bmilekic@FreeBSD.org)
Received: from freefall.freebsd.org (bmilekic@localhost [127.0.0.1])
	i5OHw31H006671;	Thu, 24 Jun 2004 17:58:03 GMT
	(envelope-from bmilekic@freefall.freebsd.org)
Received: (from bmilekic@localhost)
	by freefall.freebsd.org (8.12.11/8.12.11/Submit) id i5OHw3ex006670;
	Thu, 24 Jun 2004 17:58:03 GMT
	(envelope-from bmilekic)
Date: Thu, 24 Jun 2004 17:58:03 +0000
From: Bosko Milekic <bmilekic@FreeBSD.org>
To: Ivan Voras <ivoras@fer.hr>
Message-ID: <20040624175803.GA6517@freefall.freebsd.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4.1i
cc: current@freebsd.org
Subject: Re: 802.1x?
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jun 2004 17:58:05 -0000


Ivan Voras wrote:
>Is there any way for a FreeBSD machine to be a supplicant in 802.1x
>authorisation scheme? Open1x project has abandoned support for FreeBSD (not
>that they had any) and googling around turns up only old information.
>
>My situation is that I need it for authorisation "over the wire" - not on a
>wireless adapter but over ethernet (and then to a RADIUS server I
>presume...).

  Take a look at Pekka Nikander's paper from Usenix02:

  Pekka Nikander, "Authorization and charging in public WLANs using
  FreeBSD and 802.1x," in Proceedings of the Freenix track: 2002 USENIX
  Annual Technical Conference, Monterey, CA, June 10-15, 2002. 

  http://www.tml.hut.fi/~pnr/publications/Freenix2002-Nikander.pdf

  He has a netgraph module (perhaps a tad outdated) available.

Regards,
--
Bosko Milekic
<bmilekic@technokratis.com>
<bmilekic@FreeBSD.org>