[CentOS] RADIUS
John Hodrien
J.H.Hodrien at leeds.ac.uk
Thu Mar 1 11:18:08 UTC 2018
This is really nothing to do with CentOS anymore, if it ever was.
On Thu, 1 Mar 2018, hw wrote:
> If PXE boot is not possible because it would require to allow network access
> to unauthorized devices, or if it is not reasonably feasible because
> switching the device to a different VLAN after allowing unauthorized access
> for booting and then providing credentials to authenticate the device (or
> the user) will result in the device freezing and thus being useless, then
> that just is so, and I have to deal with it.
Why would that *have* to result in the device freezing? You can PXE boot to a
kernel and initrd that after it's downloaded runs just fine without any
network access at all.
There's no requirement for a PXE client to have network access to anything
other than a VLAN with a boot server that provides it with a boot image. You
can obviously add on frippery that only recognises approved MACs for even this
if you feel the need.
> Right, but what about keeping track of customers? Apparently RADIUS has
> some accounting features, and it might be an advantage to use those.
I really don't get why you want WPA2 Enterprise for this setup. There's a
reason why almost everyone uses captive portals for providing access to lots
of external users.
jh
More information about the CentOS
mailing list