802.1x maschine auth with SSL?

Donny Jekels djekels at gmail.com
Tue Mar 25 14:46:27 CET 2008


if I understand you correctly you wanna do this

enable EAP on your Cisco switch; where all ports are in shutdown mode.
a user on your XP box has a User Cert which is passed through EAP to your
Freeradius box;
the freeradius authenticates the user with his certificate "DN" etc.
then instructes the switch to "no shut" the port and assign that port to a
predefined VLAN you allocated for that user or other guest users in your
database.
i.e. if [ "cn=bla,ou=bla,dc=id10t,dc=net" == "match" }; then $vlan = 100; fi

let me know if you wanna do this as described above.
and how did you get it to work with username and password?


On Tue, Mar 25, 2008 at 7:23 AM, mrhotstandby at gmail.com <
mrhotstandby at gmail.com> wrote:

> Heya,
>
> i'm a bit stuck. My xp box should auth with ssl cert - works ok so
> far. But how to assign vlan?
> When doing this with user, i put my user + pass into users file -
> works. But for ssl cert?
> I want my xp box authentificated by ssl cert and after that, my user
> should logon to "his" vlan.
> So that i have a "protected" vlan for "my" boxes (to avoid giving
> access to my auth server to
> foreign notebooks) and after that, if someone of my users log in, he
> will be transfered to
> his vlan...
>
> hope you understand...
>
> Thanksalot!
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080325/d6ce27db/attachment.html>


More information about the Freeradius-Users mailing list