wired 802.1x for desktops (offtopic)

[Mikael Kermorgant]

Hello,

Sorry for this off-topic message, I have a question about 802.1x deployment
and don't know where to ask. As freeradius is one of the element I think of,
maybe someone here can help me find the solution ?

My Goals :
1) authenticate access to the network from Open Public Access Catalog (OPAC)
desktop machines available to every user of a biblioteque.
2) have a guest account with limited LAN access (no access to internet, or
just a very short whitelist)
3) Keep the machines reachable from some servers (ghost server, monitoring,
etc). (this criteria eliminates the solution of a captive portal)

I thought 802.1x with dynamic vlans would be a nice solution as it should
permit to put the guest account in a specific vlan.

But how would it be possible to reach the machine from the management
servers before someone authenticates ? Is it possible to have a default vlan
activated on startup of the machine ?
Or do you know where I should ask this question ?

Regards,

-- 
Mikael Kermorgant
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090526/37c1e41c/attachment.html>