[c-nsp] Ethernet Authentication

Bill Nash billn at odyssey.billn.net
Fri Jun 30 17:35:12 EDT 2006 

I would suggest making the transition to PPPOE anyway. Bring the PPPOE 
configuration up in parallel, and work with the helpdesk to migrate the 
users instead of cutting it over. Given the number of uncontrolled 
elements in the equation, I think that's your best long term option.

- billn

On Fri, 30 Jun 2006, Paul Stewart wrote:

> Thanks... Unfortunately we have no way to track the user's MAC and it
> can change of course....
>
> Paul Stewart
> Network Administrator
> Nexicom Inc.
> http://www.nexicom.net/
>
> -----Original Message-----
> From: Matt Stockdale [mailto:mstockda at logicworks.net]
> Sent: Friday, June 30, 2006 5:24 PM
> To: Paul Stewart
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Ethernet Authentication
>
> centralize the DHCP server and have the 2621 relay the request? You
> should be able to track users as long as you know their MAC.
>
> http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_
> chapter09186a00804412bf.html
>
> Matt
>
> On Fri, 2006-06-30 at 15:31 -0400, Paul Stewart wrote:
>> The subject may not be the right description but I'm trying to find a
>> way to authenticate a bunch of fixed-wireless customers currently...
>>
>> Here's my scenario:
>>
>> Remote POP with Cisco 2621 and Cisco 2924 or 2950 switch.  At the
>> remote POP, Motorola Canopy or Trango fixed wireless customers are
>> connected into the switch.  The Cisco 2621 provides DHCP to anyone
>> connected as the Motorola and Trango both do their own proprietary
>> radio authentication.
>>
>> The problem is that once the radio authenticates, then the end user
>> computer gets an IP from the 2621 and they surf.  This is great until
>> you want to know who is on which IP address etc.  Obviously moving the
>
>> customers to PPPOE would work well, but that's a major change
>> especially on one site where we might have to change 150-180 users at
>> once (our helpdesk would shoot me lol)
>>
>> Ideally, what I'd like to know if it's possible is some kind of
>> authentication via a web browser linked to our existing Radius.  Is
>> there a way to do this in IOS and/or 3rd party?  I was thinking of
>> 802.x but all these customers connect across the same ethernet port in
>
>> most locations (or a few ports)...
>>
>> Thanks again to the list for your help...appreciate it...
>>
>> Paul Stewart
>> Network Administrator
>> Nexicom Inc.
>> http://www.nexicom.net/
>>
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list