Hi, > The supplicant will barf, and yet, the machine will not ignore the wide open > network port. >
That would be supplicant-dependent, right? For example the Intel supplicant which I tried some time ago had a very solid opinion about what was going on and I couldn't use the net "just like that". OTOH, there is this peculiarity in the IEEE 802.1X standard itself that basically says the supplicant tries three times to authenticate with EAP-Identity, and after that shall "assume that the port is open". Maybe that's what happens. Anyway, it is a *very* bad idea to rely on such behaviour. I suggest a bucket of cold water into the face of the guy's management. An authentication server is used to authenticate users, not to non-authenticate users. Greetings, Stefan Winter -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html