Educause Security Discussion mailing list archives
Re: 802.1X for wired ports
From: "James R. Pardonek" <pardonjr () CALUMET PURDUE EDU>
Date: Thu, 17 Jun 2010 06:18:16 -0500
We use a captive portal that relies on radius to make sure that the individual is a student or staff. We require
accounts for all who use our network. Those with no affiliation to Purdue require a sponsor. The sponsor is required to
submit a form that contains the users information along with duration of use. We then create temporary credentials for
that person. Our captive portal records the MAC address of the users computer along with the IP in case we have an
issue.
James Pardonek CISSP
Senior Network Administrator
Purdue University Calumet
________________________________
From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>
Sent: Wed Jun 16 15:18:24 2010
Subject: Re: [SECURITY] 802.1X for wired ports
On 16/06/2010, at 3:57 AM, David Gillett wrote:
I believe 802.1X is a good solution for "inside" ports, but for "public access" ports a captive portal may be
a better option -- redirects browser requests to a login -page and blocks other traffic until login succeeds). We
initially used BlueSocket for our wireless authentication, and it could easily be deployed this way.....
David Gillett
________________________________
From: Entwistle, Bruce [mailto:Bruce_Entwistle () REDLANDS EDU]
Sent: Monday, June 14, 2010 17:21
To: SECURITY () listserv educause edu
Subject: [SECURITY] 802.1X for wired ports
We are currently looking for a method to secure wired ports located in locations accessible by the general
public. The network devices to which these ports are connected are Cisco 3750 switches. I have tested port based
authentication however I ran into the problem of not having the required supplicant installed. We are trying to avoid
having to do configuration on the client(student) machines. I was looking to find out what others have done to prevent
users outside the organization from simply connecting their computer through use of a patch cable and surfing the
Internet.
Thank you
Bruce Entwistle
Network Manager
University of Redlands
Current thread:
- 802.1X for wired ports Entwistle, Bruce (Jun 14)
- Re: 802.1X for wired ports David Gillett (Jun 15)
- Re: 802.1X for wired ports Russell Fulton (Jun 16)
- Re: 802.1X for wired ports Russell Fulton (Jun 16)
- Re: 802.1X for wired ports Mike Wiseman (Jun 17)
- Re: 802.1X for wired ports Justin Azoff (Jun 17)
- Re: 802.1X for wired ports Mike Wiseman (Jun 17)
- Re: 802.1X for wired ports David Gillett (Jun 15)
- <Possible follow-ups>
- Re: 802.1X for wired ports James R. Pardonek (Jun 17)
- Re: 802.1X for wired ports Daniel Bennett (Jun 17)
- Re: 802.1X for wired ports James R. Pardonek (Jun 17)
- Re: 802.1X for wired ports Daniel Bennett (Jun 17)