Windows 10 Random Mac Address

Alan DeKok aland at deployingradius.com
Tue Sep 1 14:31:12 CEST 2015


On Sep 1, 2015, at 6:44 AM, Phil Mayers <p.mayers at imperial.ac.uk> wrote:
> It's also worth pointing out that we're a long way from 802.1x being usable on wired networks in unmanaged/BYOD/public access areas - there's a bunch of caveats, ranging from wired 802.1x supplicants being disabled by default on most OSes (and wired ethernet lacking a link-layer handshake protocol like 802.11 to signal use of 802.1x) to switch vendors having terrible implementations e.g. "wait 3 EAP timeouts before fallback to MAC auth", which can be 60 seconds, in which time your old print server / CCTV device / BEMS/SCADA system has fallen silent and needs manual intervention.

  Yeah.  The client sends a DHCP discover, and the switch ignores it... because it's waiting for EAP!

  My suspicion is that most switch vendors hire engineers who know nothing about networks, and who don't use the equipment they're building.

  Anyways... I have a program this fall to get in close touch with more of the vendors.  I already have relationships with a few, but more would be good.  Along with a push of "PLEASE, if you have RADIUS questions, just ASK.  Don't ship crap."

  Alan DeKok.




More information about the Freeradius-Users mailing list