Hello,
We would like to enforce authentication for all clients connecting to
our network (wired or wireless), so that when a client connects, the
client will not be able to use the network unless it successfully
authenticates (e.g. via web) with a valid account (LDAP-based).
We have a network based mainly on Cisco 2950/2960 switches.
We are running a central LDAP Server (openldap) where we hold user
accounts, which are used for mail, ftp, web, Shibboleth access.
I guess we can enable 802.1x on switches and require authentication of
clients over freeradius.
Is there a suggested sample freeradius configuration for such use? Can
you please provide one or point me to a URL for it?
Can you share your experience and any pitfalls we should consider?
Any experiences on such use? Does this scale well (for about 20-30
switches)? Should we consider a central management solution? (Which?)
Thanks in advance,
Nick
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
