Hi Louis, Ok, here is the separate thread, with some more freeradius questions... I realise that this is not packetfence-specific, but I hope this is still relevant enough te be discussed here.
Do I understand correctly that when getting freeradius involved, things would work approx. like this: - a (new unknown) client connects to a port - using 802.1x (client support required) a username/password is requested from the unknown client - packetfence verifies it, looks up roles, etc, etc - then pf sets a freeradius acl in the pf freeradius server - the procurve 5400 reads that acl from the pf radius server, and sets the switch port accordingly - voila: network connectivity in the configured vlan next time the device boots: - procurve confirms that the mac address is the same as last time, no further dialogue with freeradius: the client is granted the same access. (or perhaps: dialogue with radius to make sure that the ACL is still the same, and in case radius happens to be down: keep the acl the way it was?) All the dialogue / authentication capabilities with radius/packetfence (called 802.1x) are built-into windows, linux, etc, etc on a very basic network level, before dhcp etc comes into play. The procurve5400 'driver' from packetfence knows everything it needs to know about the procurve acl options, it's capabilities etc, therefore there would be no need to read through all procurve radius docs, packetfence/freeradius combined will configure the procurve according to the options I configure in pf webgui? Is this all approximately correct? Hopefully next week I'll receive my new 5400, so I can start testing the above on an actual device... Regards, MJ ------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
