Port/mac/IP authentication, authorization, auditing. Is it possible ?

CpServiceSPb cpservicespb at gmail.com
Sun Jun 9 17:15:57 CEST 2019


>>* You are not quite right.
*> How nice that you know more about RADIUS than people who've been
doing it for 25 years.

If you read more carefully you will be able that this exact phrase was
connected with "
...And the device doesn't have an IP until after it's been given
network access...." .

And I provided the exact situation when ___device has an IP__ .

At least at itself.

It is not received from dhcp server after checking access rights to a network.

It is set up manually before plugging to the switch.

I supposed that switches wrap usually  only macs, may be ports to
uncast packet sent to Radius server.

As a dhcp relay.

But initially my quiestion was about ability to extend functionality
of Radius by using some modules and of some switches to __limit /
manage access__ to a network at
access level witch on hybrid assigning IP environment - dymanically
and statically but with controlling and making if a decision from
server not switch side.

So, the quesion was is it possible by Radius (may be with some
additional modules) or are there plans to implement it ?


More information about the Freeradius-Users mailing list