Re: 802.1X
Re: 802.1X
- Subject: Re: 802.1X
- From: Daniel Azuelos <email@hidden>
- Date: Tue, 8 Nov 2005 11:57:04 +0100
James Tolchard écrivait (wrote) :
| Has anyone on the list deployed 802.1x on their wired LAN of Mac OS X
| workstations?
I'm fighting to make 802.1X (beware it's an uppercase X, the other
standard doesn't yet exist) run for a large library (which is a open
to public).
| There are plenty of sites on the web explaining how one
| would connect their own laptop to an 802.1x-secured Airport network,
| but I'm talking about using it to secure all of our permanent
| workstations (the vast majority of which are Panther machines, to be
| Tiger by mid-2006) whose network outlets are in a public place.
|
| I notice that the Internet Connect application seems to handle the
| establishment of 802.1x sessions. Our current edge switches don't
| support 802.1x, so I'm not in a position to play around at the
| moment, but I'm assuming there is some way to have the client
| machines automatically establish their 802.1x session early during
| system startup (by using some sort of public key or whatever), as
| this is a managed environment so network access is required for
| logins to succeed.
|
| I understand generally how 802.1x works, but am only familiar with
| configurations in which the end-user is giving a username and
| password that is then authenticated by the switch using a RADIUS
| server, or some similar configuration. Having the user provide the
| credentials in this way is obviously unworkable when the machine is a
| workstation that is always connected to the wired LAN and is used by
| many different users.
|
| All will probably become clear when we actually receive our new
| switches and I can set them up on the workbench and test the crap out
| of them, but, naturally, I thought I'd ask for first-hand experiences
| first. Off-list, if you must, since I've just realised this isn't
| overly related to Mac OS X Server ;-)
I advise you to discuss this interesting point on the:
Macintosh Network Programming <email@hidden>
--
| R : Tu vois ! || daniel Azuelos - Institut Pasteur
| | Q : Tu crois ?
| | | R : Ça casse l'ordre chronologique de l'échange.
| | | | Q : En quoi répondre au dessus est-il gênant ?
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden