Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 06 Apr 2004 02:29:05 -0700
From:      Ryan Merrick <wrmine@heronetwork.com>
To:        Adrian Penisoara <ady@freebsd.ady.ro>
Cc:        freebsd-isp@freebsd.org
Subject:   Re: Q: Controlling access at the Ethernet level
Message-ID:  <40727861.6060905@heronetwork.com>
In-Reply-To: <0A87E4EB-8665-11D8-9004-000A95776E22@freebsd.ady.ro>
References:  <0A87E4EB-8665-11D8-9004-000A95776E22@freebsd.ady.ro>

next in thread | previous in thread | raw e-mail | index | archive | help
Adrian Penisoara wrote:
> Hi,
> 
>    I am searching for a solution that will enable me to control the 
> access of clients to a Ethernet network that spans over about an entire 
> quorter; most of the connected stations are running MS Windows.
> 
>    We are facing service theft through impersonation, either solely IP 
> or both IP and Ethernet MAC address. Securing IP access was solved using 
> a static ARP scheme (we used "staticarp" for the internal gateway 
> interface and tied to it a fixed list of IP/MAC tuples), but some of the 
> clients learnt how to change both the IP and the MAC.
> 
>   We have thought about using static MAC entries per port on managed 
> switches installed at the client endpoints, but that would require a 
> overwhelming budget. We are also thinking about L2TP and PPPoE, but I am 
> uncertain about compatibility.
> 
>   What would you recommand ? Are there any other elegant solutions ?
> 
>   I also heard about 802.1x technology and seems to be an interesting 
> and professional alternative; I just don't know how well supported is on 
> the server side, namely FreeBSD.
> 
>  Thank you.
> 
> -- 
> Ady (@freebsd.ady.ro)
> 
> _______________________________________________
> freebsd-isp@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
> 
Hi,

Take a look at www.netreg.org/

-- 
Ryan Merrick
rmerrick@heronetwork.com





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?40727861.6060905>