Olivier Bilodeau wrote: > I was wondering if there has been a collective effort to document the > meaning of the NAS-Port by the various Network Vendors?
Some, not much. > We are working on PacketFence here (an open source NAC) and we translate > the NAS-Port to the ifIndex so we can request a dot1x reauthentication > to the ifIndex if we want to (ie: IDS event). That might work. Sometimes. > We've done the translation by ourselves since vendor documentation is > often lacking and I was thinking there must exist such a resource. Does > anyone here know? If we have information, it's on the Wiki. Otherwise... it's hard. Most switch vendors do the Right Thing, and map NAS-Port to the switch port. For PPP, DSL, or WiFi systems, the NAS-Port is often meaningless. > I know we could use CoA with the original NAS-Port but it's less > supported than the SNMP PAE Reauthenticate MIBs. Yes. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html