> Am 18.10.2017 um 18:35 schrieb Peter Ankerst?l <peter at pean.org>:
>
>
>
>> On 17 Oct 2017, at 22:27, Chris Ross <cross+freebsd at
distal.com> wrote:
>>
>>
>> wpa_supplicant is the client we use at work, on Linux systems. But,
it?s also the tool described in the FreeBSD wireless configuration pages, so I
know it can be used there.
>>
>> I haven?t tried FreeBSD with wired 802.1x myself, but just a thought I
had.
>>
>> - Chris
>>
> Its my understanding that wpa_supplicant is actually a working client in
FreeBSD. But I?m looking for the server side of this.
>
> It would be just fine if it worked just like hostapd (control access of one
nic) and dont have any control over switchports or whatever. Another nice way of
doing it would be to have some sort of integration with authpf or pf itself.
I?m under the impression that the authenticator function in a wired network is
usually part of the switch, and the switch will talk to some authentication
server like RADIUS, giving it the port number of the connected device and
additional information.
If FreeBSD had such a function, I think it would be limited to point-to-point
Ethernet links, 802.1x being a link-layer protocol.
Stefan
--
Stefan Bethke <stb at lassitu.de> Fon +49 151 14070811
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 529 bytes
Desc: Message signed with OpenPGP
URL:
<http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20171018/63706b17/attachment.sig>