Per Vendor NAS-Port documentation
Alan DeKok
aland at deployingradius.com
Wed Mar 30 18:48:49 CEST 2011
Olivier Bilodeau wrote:
> I was wondering if there has been a collective effort to document the
> meaning of the NAS-Port by the various Network Vendors?
Some, not much.
> We are working on PacketFence here (an open source NAC) and we translate
> the NAS-Port to the ifIndex so we can request a dot1x reauthentication
> to the ifIndex if we want to (ie: IDS event).
That might work. Sometimes.
> We've done the translation by ourselves since vendor documentation is
> often lacking and I was thinking there must exist such a resource. Does
> anyone here know?
If we have information, it's on the Wiki. Otherwise... it's hard.
Most switch vendors do the Right Thing, and map NAS-Port to the switch
port. For PPP, DSL, or WiFi systems, the NAS-Port is often meaningless.
> I know we could use CoA with the original NAS-Port but it's less
> supported than the SNMP PAE Reauthenticate MIBs.
Yes.
Alan DeKok.
More information about the Freeradius-Users
mailing list