John Hodrien wrote:
On Thu, 22 Feb 2018, hw wrote:
That seems neither useful, nor feasible for customers wanting to use the
wireless network we would set up for them with their cell phones. Are cell
phones even capable of this kind of authentication?
Yes, entirely capable. WPA2-Enterprise isn't some freakish and unusual
Ok, so it would at least be possible.
I configure wireless once on my device (phone/tablet/laptop) and then can
travel to institutions all round the world and use their networks seamlessly.
How useless and infeasible indeed.
Well, this country is almost the worst of all countries around the world when
it comes to internet access. Though they list a few locations here where you
supposedly could use their service, I wouldn´t expect anything. Then there´s
the question of protecting your privacy. For example, how much do they pay you
for allowing them to keep track of your travels?
In any case, it wouldn´t do our customers any good because there aren´t places
all over the world where they could use our network.
Anyway, there are some clients that can probably authenticate, which leaves
the ones that use PXE boot. I tried things out with a switch, and it would
basically work. If it makes sense to go any further with this and how now
needs to be determined ...
A client that can't authenticate gets the network it's provided with by being
unauthenticated. If an unauthenticated client can't have any network access,
that's what they get. Presumably you could drop an unauthenticated machine
into a different VLAN.
That would be a problem because clients using PXE-boot require network access,
and it wouldn´t contribute to security if unauthorized clients were allwed to
CentOS mailing list