Strategy Advice
Sturgis, Grant
Grant.Sturgis at arraybiopharma.com
Tue Apr 29 21:21:10 CEST 2008
Greetings list,
Brand new freeradius user here, I will try not to be too obnoxious with
silly questions.
My goal is to replace the Cisco ACS solution with Freeradius, including:
1. Shell (telnet/ssh) access to network switches/routers/firewalls
2. EAP-TLS to the wireless network
3. Potentially 802.1x auth to wired network ports
I would like to use our network directory (W2K3 AD) user accounts for
all of the above. And I would also like to be able to restrict based on
group membership - so that only members of the "Cisco_Admin" group can
log into switches and only members of the "wireless" group can
authenticate to the WAPs.
My question is:
Would it be wiser to pursue the mschap / ntlm_auth / winbind module
solution or the ldap module solution?
I am guessing that this has been done in the past, right? Does anyone
have any anecdotes that would be helpful?
Thanks in advance,
Grant