On Sun, 2004-03-07 at 12:54, Matt Bailey wrote: > The trick is that I don't want a proxy server at the remote location. I'm trying > to accomplish this with a Radius server and AP's that are 802.1X compliant, but > I'm not sure if this is the appropriate way to accomplish this.
802.1x requires the use of a RADIUS server, so you're heading in the right direction if you want to use 802.1x. > For some reason I am under the impression that some AP's have an HTML splash > screen to enter user name and password via a radius server. The only AP I have > had to test is a dwl900AP+ trying to authenticate a WinXP box, and it certainly > does not come up with an HTML splash screen (After doing some reading it almost > sounds like you have to have proprietary client software on every computer that > wants to authenticate???). This is not what 802.1x is. 802.1x *does* require a client, but it is *not* a proprietary client. Many OS's these days come with them built in, ie Windows XP and up and Mac OS X 10.3 and up. A free 802.1x is available for Linux (http://www.open1x.org). > What AP's (if any) have this functionality? If you're wanting to use the HTML splash page type setup and still use RADIUS as the AAA platform, take a look at the Proxim AP-2500 units. They're designed to do just this. > Am I completely off base w/ my application of this Radius Server? Not at all, you just need to understand what it is you're wanting and what each technology does a little better. I would personally suggest you continue on your course with 802.1x. 802.1x does require the setup of a client, however it provides advantages over other methods, such as dynamic keying when TLS-based EAP methods are used. -- --Mike ----------------------------------- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
