[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: Username/Host authorization
From: nicolas.clo () ricoh-industrie ! fr
Date: 2013-06-25 6:11:41
Message-ID: OFE2032F13.06FF5F2B-ONC1257B95.0020EACC-C1257B95.0022076B () ricoh-industrie ! fr
[Download RAW message or body]
[Attachment #2 (multipart/related)]
[Attachment #4 (multipart/alternative)]
Hi,
Yes, this is our actual configuration and it works very well, but I thi=
nk that with the long run, a
database that contains all MAC address can become very difficult to man=
age.
But if it' s the only solution, I will make with.
Thanks.
=
Nicolas CLO =
Industrial and Network Technician =
ITS Section =
=
-----------------------------------------------Original
mail------------------------------------------------------
Hi,
> I'm now sure that the best way for us is MAC Address filtering.
thats a way of doing the 'host' part. the user can then be authenticate=
d
by an EAP method.
ie authorization stage can check the calling-station-id (MAC address) a=
nd,
if not known, just reject. then, if known carry on to the user authenti=
cation
by 802.1X
as already said, you have to know what you want and the technologies av=
ailable
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/use=
rs.html
=
[Attachment #7 (text/html)]
<html><body>
<ul style="padding-left: 0pt">
<p><font size="2" face="sans-serif">Hi,</font><br>
</ul>
<font size="2" face="sans-serif">Yes, this is our actual configuration and it works \
very well, but I think that with the long run, a database that contains all MAC \
address can become very difficult to manage.</font><br> <font size="2" \
face="sans-serif">But if it' s the only solution, I will make with.</font><br> <br>
<font size="2" face="sans-serif">Thanks.</font>
<ul style="padding-left: 0pt"><br>
<br>
<br>
<br>
<table border="0" cellspacing="0" cellpadding="0">
<tr valign="top"><td width="350">
<ul style="padding-left: 0pt"><font size="2" face="Arial"><b>Nicolas CLO \
</b></font><font size="2" face="Arial"><br> Industrial and Network Technician<br>
ITS Section</font></ul>
</td><td width="77" valign="middle"><img width="1" height="1" \
src="cid:1__=4EBBF106DFB36C5C8f9e8@ricoh-industrie.fr" border="0" alt=""></td><td \
width="100"><img width="1" height="1" \
src="cid:1__=4EBBF106DFB36C5C8f9e8@ricoh-industrie.fr" border="0" alt=""></td></tr> \
</table>
<table border="0" cellspacing="0" cellpadding="0">
<tr valign="top"><td width="450" valign="middle"><img width="1" height="1" \
src="cid:1__=4EBBF106DFB36C5C8f9e8@ricoh-industrie.fr" border="0" alt=""></td></tr> \
</table> </ul>
<table border="0" cellspacing="0" cellpadding="0">
<tr valign="top"><td width="490" valign="middle">
<ul style="padding-left: 0pt"><font size="2" \
face="sans-serif">-----------------------------------------------Original \
mail------------------------------------------------------</font></ul> </td></tr>
</table>
<br>
<br>
<br>
<tt><font size="2">Hi,<br>
<br>
> I'm now sure that the best way for us is MAC Address filtering.<br>
<br>
thats a way of doing the 'host' part. the user can then be authenticated<br>
by an EAP method. <br>
<br>
ie authorization stage can check the calling-station-id (MAC address) and,<br>
if not known, just reject. then, if known carry on to the user authentication<br>
by 802.1X<br>
<br>
as already said, you have to know what you want and the technologies available<br>
<br>
alan<br>
-<br>
List info/subscribe/unsubscribe? See </font></tt><tt><font size="2"><a \
href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a></font></tt><tt><font \
size="2"><br> </font></tt><br>
</body></html>
["ecblank.gif" (image/gif)]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic