Hello everyone<br><br>I would appreciate if anybody could tell me whethere FreeRADIUS supports the following scenario or not.<br><br>Currently, we have Foundry FastIron Edge 2402 switch. What we need is to deploy 802.1x user AND machine authentication.
<br><br>1) If (Machine authentication is successfull)<br> then (If User authentication is successfull)<br> Drop the user in their respective VLAN.<br><br>2) If (Machine authentication is successfull)<br> then (If User authentication is NOT successfull)
<br> Drop the user in their default restricted VLAN.<br><br>3) If (Machine authentication is NOT successfull OR there is no machine certificate)<br> Drop the user in their default restricted VLAN OR Dont allow access to the switch port.
<br><br>Now the question I want to ask is, whethere FreeRADIUS supports the third case i.e. to disallow access OR drop in restricted vlan if machine authentication fails. <br><br>Cisco Machine Access Restriction 4.0 for Windows (
<a href="http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_data_sheet0900aecd802fefd7.html">http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_data_sheet0900aecd802fefd7.html</a>) claims to support the abaove scenario.
<br><br>It would be great if someone could also tell me the relative parameters/configuration for the above particular case, if FreeRADIUS supports it.<br><br>Regards<br>Hammad<br>