strategy question
Gary Gatten
Ggatten at waddell.com
Mon Feb 7 20:44:37 CET 2011
Makes sense to me. Will you be using MAC Auth Bypass for printers and other "dumb" devices?
-----Original Message-----
From: freeradius-users-bounces+ggatten=waddell.com at lists.freeradius.org [mailto:freeradius-users-bounces+ggatten=waddell.com at lists.freeradius.org] On Behalf Of localhero at mac.hush.com
Sent: Monday, February 07, 2011 1:08 PM
To: freeradius-users at lists.freeradius.org
Subject: strategy question
In a project with some larger customer sites 802.1x authentication
shall be introduced. There are about 10 sites with roughly 500
employees each.
It is expected that at least 5 to 10% of the pc may cause problems
when 802.1x authentication is activated. To identify those pc in
advance the idea is, to have the switches ask the freeradius server
for authentication. For two weeks or so the radius shall accept all
the requests, even if they fail because of invalid certificates.
The failure shall be reported. During this time the operating staff
may solve the problems with the pc. After that period the problems
are hopefully solved and the radius shall do "real" authentication.
Is this a idea that makes sense?
Are there technical restictions that would avoid such an approach
-lh
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
<font size="1">
<div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in'>
</div>
"This email is intended to be reviewed by only the intended recipient
and may contain information that is privileged and/or confidential.
If you are not the intended recipient, you are hereby notified that
any review, use, dissemination, disclosure or copying of this email
and its attachments, if any, is strictly prohibited. If you have
received this email in error, please immediately notify the sender by
return email and delete this email from your system."
</font>
More information about the Freeradius-Users
mailing list