Date: Wed, 18 Oct 2017 19:03:07 +0200 From: Stefan Bethke <stb@lassitu.de> To: =?utf-8?Q?Peter_Ankerst=C3=A5l?= <peter@pean.org> Cc: Chris Ross <cross+freebsd@distal.com>, FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Re: 802.1X authenticator for FreeBSD Message-ID: <4F45AC20-57F9-4246-836E-4F1C1D01FAC2@lassitu.de> In-Reply-To: <2D461E1D-895F-4D31-9834-A40DEF02F121@pean.org> References: <C34FB467-C2DB-4B59-9DD2-2491E7A136F1@pean.org> <AE175682-AD2B-4DAC-AF4C-3B6F3CDB7449@distal.com> <2D461E1D-895F-4D31-9834-A40DEF02F121@pean.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_48DC4D18-9080-4AC5-A616-8CD416910B8A Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > Am 18.10.2017 um 18:35 schrieb Peter Ankerst=C3=A5l <peter@pean.org>: >=20 >=20 >=20 >> On 17 Oct 2017, at 22:27, Chris Ross <cross+freebsd@distal.com> = wrote: >>=20 >>=20 >> wpa_supplicant is the client we use at work, on Linux systems. But, = it=E2=80=99s also the tool described in the FreeBSD wireless = configuration pages, so I know it can be used there. >>=20 >> I haven=E2=80=99t tried FreeBSD with wired 802.1x myself, but just a = thought I had. >>=20 >> - Chris >>=20 > Its my understanding that wpa_supplicant is actually a working client = in FreeBSD. But I=E2=80=99m looking for the server side of this. >=20 > It would be just fine if it worked just like hostapd (control access = of one nic) and dont have any control over switchports or whatever. = Another nice way of doing it would be to have some sort of integration = with authpf or pf itself. I=E2=80=99m under the impression that the authenticator function in a = wired network is usually part of the switch, and the switch will talk to = some authentication server like RADIUS, giving it the port number of the = connected device and additional information. If FreeBSD had such a function, I think it would be limited to = point-to-point Ethernet links, 802.1x being a link-layer protocol. Stefan -- Stefan Bethke <stb@lassitu.de> Fon +49 151 14070811 --Apple-Mail=_48DC4D18-9080-4AC5-A616-8CD416910B8A Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQEzBAEBCgAdFiEEJ+hF98o4r3eU/HiPD885WK4W4sEFAlnniUsACgkQD885WK4W 4sGqGgf/eJor+Utv3d7hQhS0AQALyHSGxWAnWfPmqcICw8sqwj7bd95qLeSrgg+d PVNDG9PFd/XJGJUe1qGeiWXOR73S6oj1ByP074AJHkuaDEws6h9tdLzATQkhjSAi TvgiO/yEJu4ChXDoCucDQ07tdep8QTfwQee7H/KpXUuAq5xrd0fR9kZQ/6OUY7/e 6aZ8VFhDUg9YOsjMN508dtWV5fUFpk99aco9iebao++30MrZfsCj4W/vFDWQvtAk o/BN4hlVKPyOX/gsDWpSIiuIRN/Ztq5Pva5c51a/28aO7CgvdwX8jwOOHAFRvAv1 QewVZULwTzPxiQk1zrYkyotvi0o0FQ== =r9ZR -----END PGP SIGNATURE----- --Apple-Mail=_48DC4D18-9080-4AC5-A616-8CD416910B8A--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F45AC20-57F9-4246-836E-4F1C1D01FAC2>