Date: Wed, 18 Oct 2017 19:03:07 +0200 From: Stefan Bethke <stb@lassitu.de> To: =?utf-8?Q?Peter_Ankerst=C3=A5l?= <peter@pean.org> Cc: Chris Ross <cross+freebsd@distal.com>, FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Re: 802.1X authenticator for FreeBSD Message-ID: <4F45AC20-57F9-4246-836E-4F1C1D01FAC2@lassitu.de> In-Reply-To: <2D461E1D-895F-4D31-9834-A40DEF02F121@pean.org> References: <C34FB467-C2DB-4B59-9DD2-2491E7A136F1@pean.org> <AE175682-AD2B-4DAC-AF4C-3B6F3CDB7449@distal.com> <2D461E1D-895F-4D31-9834-A40DEF02F121@pean.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] > Am 18.10.2017 um 18:35 schrieb Peter Ankerstål <peter@pean.org>: > > > >> On 17 Oct 2017, at 22:27, Chris Ross <cross+freebsd@distal.com> wrote: >> >> >> wpa_supplicant is the client we use at work, on Linux systems. But, it’s also the tool described in the FreeBSD wireless configuration pages, so I know it can be used there. >> >> I haven’t tried FreeBSD with wired 802.1x myself, but just a thought I had. >> >> - Chris >> > Its my understanding that wpa_supplicant is actually a working client in FreeBSD. But I’m looking for the server side of this. > > It would be just fine if it worked just like hostapd (control access of one nic) and dont have any control over switchports or whatever. Another nice way of doing it would be to have some sort of integration with authpf or pf itself. I’m under the impression that the authenticator function in a wired network is usually part of the switch, and the switch will talk to some authentication server like RADIUS, giving it the port number of the connected device and additional information. If FreeBSD had such a function, I think it would be limited to point-to-point Ethernet links, 802.1x being a link-layer protocol. Stefan -- Stefan Bethke <stb@lassitu.de> Fon +49 151 14070811 [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQEzBAEBCgAdFiEEJ+hF98o4r3eU/HiPD885WK4W4sEFAlnniUsACgkQD885WK4W 4sGqGgf/eJor+Utv3d7hQhS0AQALyHSGxWAnWfPmqcICw8sqwj7bd95qLeSrgg+d PVNDG9PFd/XJGJUe1qGeiWXOR73S6oj1ByP074AJHkuaDEws6h9tdLzATQkhjSAi TvgiO/yEJu4ChXDoCucDQ07tdep8QTfwQee7H/KpXUuAq5xrd0fR9kZQ/6OUY7/e 6aZ8VFhDUg9YOsjMN508dtWV5fUFpk99aco9iebao++30MrZfsCj4W/vFDWQvtAk o/BN4hlVKPyOX/gsDWpSIiuIRN/Ztq5Pva5c51a/28aO7CgvdwX8jwOOHAFRvAv1 QewVZULwTzPxiQk1zrYkyotvi0o0FQ== =r9ZR -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F45AC20-57F9-4246-836E-4F1C1D01FAC2>