> Now, once the IP-spoofer is detected...how do you disconnect it? > We disable the account and filter the MAC to force a re-auth that will > fail. Can we add "disconnect" on the wish list (or have I missed a chapter > in new 802.1x developments).
IEEE 802.1X is owned by IEEE 802.1, and is currently undergoing a revision (IEEE 802.1af) there. For details, see: http://www.ieee802.org/1/pages/802.1af.html With respect to "disconnect" in RADIUS, RFC 5176 describes how Dynamic Authorization (including Change-of-Authorization and Disconnect) operates within RADIUS. Several IEEE 802.11 Access Points now support this.
_______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
