On Tuesday 29 Mar 2011 23:35:26 Joshua Oreman wrote: > On Tue, Mar 29, 2011 at 6:03 PM, Gregory Fuller <[email protected]> > wrote: > > I see that there is basic EAP Over LAN (EAPOL) support in iPXE. > > Anyone working on adding EAP authentication methods such as EAP-MD5, > > EAP-TLS, EAP-PEAP, etc? It would be great if this support was > > available. We currently use gPXE to bootstrap our LANDesk PXE boot > > menu which is provided by DHCP options and provide additional boot > > options to client. But we are moving from open data ports to secure > > 802.1x enabled ports where we can't enable any sort of open access > > which would allow this to still function. Typically you could use MAC > > based authentication at the switchport to get PXE functionality > > working on a dot1x port (ie: allow the client on the network), but we > > are unable to do that the way we are configured. It would be nice if > > iPXE had even basic EAP-MD5 support which would allow PXE clients to > > authenticate to the switchport and load our imaging software over the > > network. I'm willing to test if someone is working on building this > > support in! > > I'm the one who originally developed the 802.11 support for iPXE, and > I threw in the EAP stub in the hopes that someone would have the time > I didn't to actually get "WPA Enterprise" working. The same mechanism > would support EAP on a wired LAN. > > Unfortunately, I've been very busy at school and I don't have much > time for iPXE these days, but I'd be happy to offer guidance if anyone > else is interested in implementing this. I may also have more time > over the summer.
I don't have any immediate plans to implement this myself. If anyone wants to have a go at developing it, I'm happy to purchase and arrange delivery of a suitable switch for testing against. Michael _______________________________________________ ipxe-devel mailing list [email protected] https://lists.ipxe.org/mailman/listinfo/ipxe-devel
