strategy question

localhero at mac.hush.com localhero at mac.hush.com
Mon Feb 7 20:08:28 CET 2011


In a project with some larger customer sites 802.1x authentication 
shall be introduced. There are about 10 sites with roughly 500 
employees each.
It is expected that at least 5 to 10% of the pc may cause problems 
when 802.1x authentication is activated. To identify those pc in 
advance the idea is, to have the switches ask the freeradius server 
for authentication. For two weeks or so the radius shall accept all 
the requests, even if they fail because of invalid certificates. 
The failure shall be reported. During this time the operating staff 
may solve the problems with the pc. After that period the problems 
are hopefully solved and the radius shall do "real" authentication.

Is this a idea that makes sense?
Are there technical restictions that would avoid such an approach

-lh




More information about the Freeradius-Users mailing list