freeRADIUS for switch authentication
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Mon Jul 8 10:37:31 CEST 2013
Hi,
> (Sorry if this is OT) As I understand, I couldn't use 802.1x
> authentication on just the switches themselves? Since a client must have
> certificates to authenticate to a server. What i just wanted to accomplish
> is to authenticate the switches only on the radius server, so this md5
> encryption I had setup should be sufficient?
what you do is up to you. a standard NAS will have several configuration
options - allowing RADIUS for admin access or RADIUS for host/client access or both.
why cant you just do 802.1X on thw switch? yes, clients need certs but thats
the same as WiFi - you could get a RADIU server cert signed by a known CA in
the OS (which isnt best but would allow thigns to just work)
> Last question, could I just create a single user to be used by multiple
> switches? Is there any conflict going to happen? Switch count on branches
> ranges from 15-50.
once again, depends on config. why do you think you cant? do you have strong user
authorization/session checks? its just a user....
alan
More information about the Freeradius-Users
mailing list