Wired 802.1x auth - Getting the IP address of the authed machine
Arran Cudbard-Bell
A.Cudbard-Bell at sussex.ac.uk
Wed Feb 25 12:27:46 CET 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Paul Dealy wrote:
> I have accounting turned on, but I don't see the authed machines IP on
> that of the NAS.
>
This is an advanced vendor specific feature. The switch will need to be
running some form of DHCP snooping, or layer 3 header inspection.
I know Trapeze wireless controllers support this (where the IP address
of the client is inserted into the Framed-IP-Address attribute of
accounting packets), but I have no idea about Cisco kit.
Regards,
Arran
- --
Arran Cudbard-Bell (A.Cudbard-Bell at sussex.ac.uk),
Authentication, Authorisation and Accounting Officer,
Infrastructure Services (IT Services),
E1-1-08, Engineering 1, University Of Sussex, Brighton, BN1 9QT
DDI+FAX: +44 1273 873900 | INT: 3900
GPG: 86FF A285 1AA1 EE40 D228 7C2E 71A9 25BB 1E68 54A2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkmlKzIACgkQcaklux5oVKILFQCfZY8WCrbwK118B8ISz/2ALfHv
VYAAoItOLHBnegsFdb7goejDmTsMTmC0
=C5Zl
-----END PGP SIGNATURE-----
More information about the Freeradius-Users
mailing list