Host scan / Posture Module

Arran Cudbard-Bell a.cudbardb at
Wed Aug 13 23:35:56 CEST 2014

On 13 Aug 2014, at 17:27, Matthew Ceroni <matthewceroni at> wrote:

> In an 802.1x environment is there a way to, as part of authorization,
> to do end point checking on the connecting client? To check things
> such as virus software installed, OS updates, etc.
> Or is this something that could be handled by another product.

The EAP-PEAP module can do that, though it'll only work with Microsoft
supplicants. I believe you need to enable support in the supplicant
config as well.

I think EAP-TNC was meant to do something similar, but no one really
supports it, and i'm fairly sure we don't have the code to decode the
posture info.

Arran Cudbard-Bell <a.cudbardb at>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <>

More information about the Freeradius-Users mailing list