5

I have the following setup:

                        ____________
[Windows PC1] ---------|            |
                       | Linux Box  |----------[Internet]
[Windows PC2] ---------|____________|
                              |
                              |
                       [RADIUS server]

I would like to activate 802.1x authentication on the Windows PCs, and have the Linux Box play the role of a 802.1x authenticator (blocking all access to the Internet until the Windows PCs have properly authenticated themselves using the 802.1x protocol, and the Linux Box checks the credentials by interrogating the RADIUS server).

I could theoretically insert a 802.1x-capable switch between the Windows PCs and the Linux Box, but this setup is embedded and the hardware cannot be changed.

Apparently the OpenWRT project solved the problem somehow, so there must be an open-source solution somewhere, but I simply cannot find it. The only links I find are for the Open1X project (http://open1x.sourceforge.net/), but the Docs link is dead.

Help, please? :-)

Edit

Apparently OpenWRT's 802.1x authenticator is proprietary. I am now looking a hostapd: it includes a 802.1x authenticator, but it handles wireless access control... does anyone know if it can control a wired access?

MiniQuark
  • 671

2 Answers2

2

If you know that OpenWRT implements this, then I would definitely ask on the OpenWRT forums. The devs are there and might be able to point you to the relevant part of the code. Wrapping it up and deploying it is another matter, it might not be packaged for non-OpenWRT usage. But it should have a GPL-compatible license and be available in a public repository.

https://forum.openwrt.org/

dotancohen
  • 11,720
0

You should look at packet-fence. It's an integrated NAC (Network Access Control) application running on linux. PacketFence Home Site

DrNoone
  • 1,662