I would appreciate if anybody could tell me whethere FreeRADIUS supports the following scenario or not.
Currently, we have Foundry FastIron Edge 2402 switch. What we need is to deploy 802.1x user AND machine authentication.
1) If (Machine authentication is successfull)
then (If User authentication is successfull)
Drop the user in their respective VLAN.
2) If (Machine authentication is successfull)
then (If User authentication is NOT successfull)
Drop the user in their default restricted VLAN.
3) If (Machine authentication is NOT successfull OR there is no machine certificate)
Drop the user in their default restricted VLAN OR Dont allow access to the switch port.
Now the question I want to ask is, whethere FreeRADIUS supports the third case i.e. to disallow access OR drop in restricted vlan if machine authentication fails.
Cisco Machine Access Restriction 4.0 for Windows ( http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_data_sheet0900aecd802fefd7.html) claims to support the abaove scenario.
It would be great if someone could also tell me the relative parameters/configuration for the above particular case, if FreeRADIUS supports it.
Regards
Hammad
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html