Re: ipfw plus authentication???



On Mon, 3 Apr 2006 00:34:49 -0700 (PDT)
Mark Jayson Alvarez <jay2xra@xxxxxxxxx> wrote:

> I am looking for ways to manage our LAN by having each user register
> their IP address, MAC address, workstation OS, etc. in our ldap
> directory. Now in our pcrouter, the user will first send his login
> credentials to the pcrouter, and then the pcrouter will check against
> ldap if this login is correct, and if it is, then it will now do an
> ldapsearch/compare operation to see if the source address (ip/mac) of
> the user trying to gain network access indeed belongs to that
> user. Only then, the ipfw ruleset will be changed to allow traffic
> originating from this source address...

Something like a captured portal for wireless? (is that what they were
called? :D ) I like the idea though

btw, why would you be trying to lock down by ip/mac... you need to make
sure the users can't change this at their end...

Why do the users set their own IP? dhcp....

I remember reading somewhere about authentication at the DHCP level...
from memory, with managed switches and disabling the port via snmp (for
a period) if there was something askew.

B
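
The login flow described in the quoted message, written out as an added example that is not from either poster. It assumes OpenLDAP's ldapwhoami/ldapcompare, RFC 2307 attributes ipHostNumber and macAddress on the user's entry, a uid=USER,ou=people,dc=example,dc=org layout and ipfw table 10; all of those names are assumptions.

```sh
#!/bin/sh
# Assumed (not from the thread): OpenLDAP client tools, RFC 2307 attributes
# ipHostNumber/macAddress on each user's entry, and an ipfw rule such as
# "allow ip from table(10) to any". URI, base DN and table are placeholders.
LDAP_URI="${LDAP_URI:-ldap://127.0.0.1}"
BASE_DN="${BASE_DN:-ou=people,dc=example,dc=org}"
IPFW_TABLE="${IPFW_TABLE:-10}"

# Strict input checks: these values end up in a DN, an LDAP assertion and ipfw.
valid_user() { case "$1" in ''|*[!a-z0-9._-]*) return 1;; esac; }
valid_mac() { printf '%s\n' "$1" | grep -Eq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$'; }
valid_ip() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1; done
}

# ldapcompare exits 6 for TRUE and 5 for FALSE; anything else is an error.
attr_matches() {    # $1=bind DN  $2=password file  $3=attr:value
    rc=0
    ldapcompare -x -z -H "$LDAP_URI" -D "$1" -y "$2" "$1" "$3" >/dev/null 2>&1 || rc=$?
    [ "$rc" -eq 6 ]
}

# $1=user  $2=file holding the password (no trailing newline)
# $3/$4=source IP and MAC as the router itself observed them
# Returns 0=granted 1=bad credentials 2=malformed input 3=address not registered
grant_access() {
    user=$1; pwfile=$2; ip=$3
    mac=$(printf '%s' "$4" | tr 'A-F' 'a-f')
    valid_user "$user" && valid_ip "$ip" && valid_mac "$mac" || return 2
    # An empty password would turn the bind into an unauthenticated one.
    [ -s "$pwfile" ] || return 1
    dn="uid=$user,$BASE_DN"
    # Step 1: verify the login by binding as the user.
    ldapwhoami -x -H "$LDAP_URI" -D "$dn" -y "$pwfile" >/dev/null 2>&1 || return 1
    # Step 2: the observed IP and MAC must both be registered to that user.
    attr_matches "$dn" "$pwfile" "ipHostNumber:$ip" || return 3
    attr_matches "$dn" "$pwfile" "macAddress:$mac" || return 3
    # Step 3: only now open the firewall for this source address.
    ipfw -q table "$IPFW_TABLE" add "$ip"
}
```

Because a client can change its own IP and MAC, as the reply points out, the table entry identifies an address pair rather than a person.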