Contributed by jose on from the controlled-access dept.
(Comments are closed)
OpenBSD Journal
Contributed by jose on from the controlled-access dept.
(Comments are closed)
Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]
By grey () on http://www.tml.hut.fi/~pnr/publications/Freenix200
Sorry that's not too helpful.
By jose () on http://monkey.org/~jose/
other links:
- http://www.wi-fiplanet.com/tutorials/print.php/3287481
- http://www.drizzle.com/~aboba/IEEE/index.html
By Jakob Schlyter () on
what you need on the server side is usually a 1x-aware RADIUS server that talks to the switch/wifi-ap which performs the actual 1x authentication against the client (aka supplicant).
Comments
By Gernot Schmied () gernot.schmied@chello.at on mailto:gernot.schmied@chello.at
Hth
By Dom De Vitto () on
e.g. on ethernet, the switch can't prevent you transmitting, but it can tag the port as 'unauthenticated' and either not forwrd trafic to/from it until it's had a valid .1x frame, or put the segment into a specified VLAN.
.1x is nothing to do with IP, and so nothing to do with DHCP.
.1x is bearly anything to do with ethernet/wireless, as it's designed to (try) to prevent the device using the media before authentication.