802.1x

Guy Davies Guy.Davies at telindus.co.uk
Wed Nov 2 18:38:27 CET 2005


Which Vendor Specific Attributes are implemented by a Vendor are, as the
name suggests, specific to the vendor and totally up to them to choose.
I would not be surprised if DLink implement *NO* VSAs.  Given the market
into which they're pitching their kit, I doubt very much that their kit
will do bandwidth control.  Authenticating access to the port is the
basic function of 802.1x so if DLink claim 802.1x support, then you can
configure your NAS so that you don't get any access without
authenticating first.
 
Rgds,
 
Guy

________________________________

From: freeradius-users-bounces at lists.freeradius.org
[mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf Of Alex
M
Sent: 02 November 2005 17:04
To: 'FreeRadius users mailing list'
Subject: RE: 802.1x



Ok I got it...

By the way what is AV pair?

And how do you get NAS related attributes to control bandwidth from
vendors? Like if im using D-Link how could I get attributes from them?

 

Thanks!

 

________________________________

From: freeradius-users-bounces at lists.freeradius.org
[mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf Of Jeff
Reilly
Sent: Wednesday, November 02, 2005 11:53 AM
To: FreeRadius users mailing list
Subject: RE: 802.1x

 

Alex,

Features such as 'bandwidth and port blocking" (if any) are
allocated/configured on the _NAS_ (in this case a NAS port) via AV
pair/s provided by RADIUS... the '802.1x Supplicant" (Client/Endpoint)
in simple terms... provides a secure/standard conduit which facilitates
the communication of credentials (from the Supplicant to the
Authenticator).  The '802.1x Authenticator" (or NAS) _MAY_
provision/enforce Authorization for the specific endpoint in the context
of a user or group...  

 

The management & granularity of this functionality verifies greatly by
switch vendor as a result providing this functionality across a
multi-vendor environment... in a large scale deployment... is often too
complex to seriously consider.<?

 

jmr

	
	-------- Original Message --------
	Subject: RE: 802.1x
	From: "Alex M" <alexm at lrcommunications.net>
	Date: Wed, November 02, 2005 9:10 am
	To: "'FreeRadius users mailing list'"
	<freeradius-users at lists.freeradius.org>
	
	Now im totally lost...
	Can u give me an example what 802.1x does?
	
	
	
	
	
	-----Original Message-----
	From: freeradius-users-bounces at lists.freeradius.org
	[mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf
Of Alan
	DeKok
	Sent: Wednesday, November 02, 2005 11:04 AM
	To: FreeRadius users mailing list
	Subject: Re: 802.1x 
	
	"Alex M" <alexm at lrcommunications.net> wrote:
	> So then such features as bandwidth and port blocking could be
controlled
	via
	> 802.1x?
	
	 No.
	
	 Alan DeKok.
	- 
	List info/subscribe/unsubscribe? See
	http://www.freeradius.org/list/users.html
	
	- 
	List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html 


This e-mail is private and may be confidential and is for the intended recipient only.  If misdirected, please notify us by telephone and confirm that it has been deleted from your system and any copies destroyed.  If you are not the intended recipient you are strictly prohibited from using, printing, copying, distributing or disseminating this e-mail or any information contained in it.  We use reasonable endeavours to virus scan all e-mails leaving the Company but no warranty is given that this e-mail and any attachments are virus free.  You should undertake your own virus checking.  The right to monitor e-mail communications through our network is reserved by us. 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20051102/6a5f4552/attachment.html>


More information about the Freeradius-Users mailing list