Hello Ali,
in fact when you authenticate with 802.1x you authenticate the user and
not the device.
So if you associate the user to a role then the role to an acl it mean
user = ACL.
Also i checked the code of the module and it looks that it doesn't
support dynamic ACL. Btw it looks to use the same kind of attributes
than a cisco switch.
So the support of dynamic acl should be trivial.
Regards
Fabrice
Le 19-09-04 à 06 h 57, Amjad Ali via PacketFence-users a écrit :
Hello there,
We are working on a use case where downloadable and dynamic ACLs are
used as separate features independent of web authentication.
The use case is simple, lets say we have an 802.1X user and I want to
associate a dynamic or downloadable ACL with it when the
authentication passes.
Our switch (Pica8) supports both dynamic and downloadable ACL's, I
just need to know how we can deliver those ACLs with Access-Accept for
both 802.1X and MAB.
I checked the device admin guide, the Role Mapping by Access List, but
its on a per device assignment, we want a per user assignment.
Any suggestions would be very well appreciated.
Thanks
Ali
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
