On 13 Aug 2014, at 17:27, Matthew Ceroni <matthewceroni@gmail.com> wrote:
In an 802.1x environment is there a way to, as part of authorization, to do end point checking on the connecting client? To check things such as virus software installed, OS updates, etc.
Or is this something that could be handled by another product.
The EAP-PEAP module can do that, though it'll only work with Microsoft supplicants. I believe you need to enable support in the supplicant config as well. I think EAP-TNC was meant to do something similar, but no one really supports it, and i'm fairly sure we don't have the code to decode the posture info. Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS development team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2