After playing around with Freeradius and LDAP integration we have decided to try and simplify things to avoid the 'big bang approach' as we are not confident enough to go the whole way.
My current thinking for our wired network is to add the MAC-addresses of all our desktop machines (2500 PC/laptops) into LDAP with the MAC-address being both the user name and password. We would then try FreeRadius and MAC-Authentication - how feasible is this and are there any gotcha's? I am going to start googling the best way to this, although most of the links seem to relate to wireless rather than wired setups. Can someone help by typing a simple list of the steps I need to follow so I can google and hopefully work out how to do this? Im thinking Import the Mac addresses into LDAP List the IP of all our edge switches in clients.conf Configure the shared secret Configure radiusd.conf to talk to the LDAP server - partially done Set up switches to query the radius server Are there any good how-to's on radius and mac-auth? We are looking to keep things as simple as possible so we can get used to using radius, before thinking about deploying 802.1x and I am desperate to avoid having to use IAS Many thanks Martin Martin Macleod-Brown | Infrastructure Engineer - Networks & Security Direct line +44 (0)20 7000 7772 | Email [EMAIL PROTECTED] www.london.edu ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System on behalf of the London Business School community. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html