Hi, > (Sorry if this is OT) As I understand, I couldn't use 802.1x > authentication on just the switches themselves? Since a client must have > certificates to authenticate to a server. What i just wanted to accomplish > is to authenticate the switches only on the radius server, so this md5 > encryption I had setup should be sufficient?
what you do is up to you. a standard NAS will have several configuration options - allowing RADIUS for admin access or RADIUS for host/client access or both. why cant you just do 802.1X on thw switch? yes, clients need certs but thats the same as WiFi - you could get a RADIU server cert signed by a known CA in the OS (which isnt best but would allow thigns to just work) > Last question, could I just create a single user to be used by multiple > switches? Is there any conflict going to happen? Switch count on branches > ranges from 15-50. once again, depends on config. why do you think you cant? do you have strong user authorization/session checks? its just a user.... alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html