Olivier, First my apologies for replying so late. Second, thank you for sharing that information regarding the K12 implementation.
One last question, can the mac authentication be circumvented by spoofing the mac? Example, I have 20 network printers which obviously I want to allow access on the network. Now if a user has their own personal laptop (which is not an authorized device) finds a printer mac and spoof the address, PF detect this and deny access? Does this have to do with configuring the maclock, first age mac arrival, and max mac entries on the port? Thanks again for everything!!! DP On Mon, Aug 9, 2010 at 1:55 PM, Olivier Bilodeau <[email protected]>wrote: > Hi Doc, > > Doc Phillips wrote: > > Greetings to all, > > > > Has anyone had success implementing PacketFence in an environment > > utilizing just Enterasys hardware? I would like to implement a NAC > > solution without the added costs and extensive restructuring of our > > current network. Can anyone share their story of implementing PF into > > such an environment, whether good or bad? We're currently using N > > series for the backbone, C series at the edge, and RBT's for our > > wireless AP's. > > We developed support for the N3, D2, C2 and C3. I was personally > involved with a deployment in the United States for a K12 using > Enterasys and it went well and smoothly. > > Not sure what an RBT is however. > > > > > Also, I see FreeRadius is supported but can Microsoft's IAS be used for > > radius authentication? > > PacketFence version 1.9.0 relies on a perl script installed in > freeradius that does some requests against the packetfence database. I > guess someone *could* rewrite the script in a language that is supported > by IAS but since freeradius is free and open source I wouldn't recommend > that. > > Usually the freeradius is installed on the PacketFence server so no need > for extra hardware or added complexity. > > You could use your IAS to proxy the requests to the freeradius server > but I don't see the benefit of doing that. > > I hope I answered to some of your concerns. > > Thanks, > -- > Olivier Bilodeau > [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca > Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence > (www.packetfence.org) > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by > > Make an app they can't live without > Enter the BlackBerry Developer Challenge > http://p.sf.net/sfu/RIM-dev2dev > _______________________________________________ > Packetfence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users >
------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can't live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
_______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
