On 15 Jun 2012, at 16:39, "Hull, Niamh" <[log in to unmask]> wrote:
> Apologies for unintentional thread hijack and using the Wireless-Admin site. Thought I was most likely to get a response from the eduroam and radius experts on this thread. Do you enforce 802.1x authentication everywhere on the wired LAN and what radius server do you use ?
> Were there huge objections from users and colleges to securing the network ports?
We run dual-mode (MAC and 802.1x) on all our wired network ports across campus and ResNet. MAC is a compromise and stops user complaints. 802.1x reduces student disruption in our cluster rooms (just plug into another port, don't unplug the PC/Mac -- you get the same service). FreeRADIUS, with too many config mods...
James
--
James Goodlet, Head of Infrastructure Services,
IT Services, University of Sussex, Brighton BN1 9QT
|