[ietf78-tech] ietf-nac hostname + ssl cert?
John Kemp
kemp at network-services.uoregon.edu
Mon Jul 5 09:49:03 PDT 2010
That would be great.
At a minimum, simple radius authentiation works for the
Captivator webpage. So for example:
<user> Cleartext-Password := "<somepassword>"
We do have the requirement that the "user" be less than or equal to
20 characters, and only A-Aa-z0-9. We still need the token generation,
so if you want to generate the 10,000 random "RegId" lines, and see
if FreeRadius will load that, that would be helpful.
The Captivator also signals to radius accounting. If we
have a "maximum number of logins per regid == 10", I don't
know exactly how that would work. So we do want to find out
how that might work.
/jgk
On 07/05/2010 09:33 AM, Rob Nagy wrote:
> John,
>
> As you are testing and you discover what you need from FreeRadius, I am happy to take that side of it. Can you just forward me what captivator needs.
>
> Rob
>
> Sent from my iPhone
>
> On Jul 1, 2010, at 7:25 PM, John Kemp <kemp at network-services.uoregon.edu> wrote:
>
>>
>> Preferred FQDN that the clients see when they get redirected?
>> I think we want this to be a name that resolves correctly on the
>> NAC vlan.
>>
>> Second question: is self-sign certificate satisfactory, or do we
>> want to apply for a Verisign or similar cert matchine the above name?
>>
>> /jgk
>>
>> _______________________________________________
>> ietf78-tech mailing list
>> ietf78-tech at daedelus.com
>> http://www.daedelus.com/mailman/listinfo/ietf78-tech
More information about the ietf78-tech
mailing list