-
Notifications
You must be signed in to change notification settings - Fork 3
Network infrastructure projects
Like all ethernet devices, the Raspberry Pi can be on an untagged Access Port of a VLAN on a switch that supports 802.1q vlan configuration. However the Pi's ethernet adaptor also supports dot1q itself,
so you can add the vlan package and configure your device on a trunk port with multiple VLANs tagged.
For a simple explanation of how to do this see https://www.sbprojects.net/projects/raspberrypi/vlan.php
WPA Enterprise configuration for Wifi Access Points (APs) to authenticate users
- Otherwise look for dual Pi HA implementations with simple user admin interface
- With possibility to federate additional sites over internet (via VPN or at least securely)
- How about backing off to other Authentication providers for simplicity (a la OpenID?)
-
Simple FreeRadius on Arch: http://blog.utlemming.org/2013/01/wpa2-enterprise-making-my-raspberry-pi.html
-
Exhaustive FR on Arch with FDE (why?) as Backup: http://blog.epijunkie.com/2014/01/raspberry-pi-arch-linux-fde-freeradius3-a-low-power-radius-server-for-wpa2-enterprise/
-
Getting self-sign-cert: http://blog.epijunkie.com/2013/12/freebsd-freeradius2-eap-tls-ssl-admin-a-wpa2-enterprise-guide/
-
FreeRadius redundancy is easy: http://permalink.gmane.org/gmane.comp.freeradius.user/85723
-
FreeRadius on RPi step by step: http://binaryheartbeat.blogspot.co.uk/2013/12/raspberry-pi-based-freeradius-server.html
-
FreeRadius how to: http://www.wi-fiplanet.com/tutorials/article.php/3834676/How-to-Use-FreeRADIUS-for-Wi-Fi-Authentication-Part-1.htm
- DaloRadius GUI and MySql DB for FreeRadius: https://me.m01.eu/blog/2012/05/wpa-2-enterprise-from-scratch-on-a-raspberry-pi/
- Configuring RPi WPA Supplicant to authenticate via Radius: https://www.raspberrypi.org/forums/viewtopic.php?f=36&t=44029
-
ZeroShell – Linux distro for GUI Network Service Mgmt - http://www.zeroshell.org/radiusdetails/
-
PacketFence – NAC software with registration, captive portal and 802.1x integration
-
OpenWRT - http://wiki.openwrt.org/toh/raspberry_pi
-
pfSense does HA failover and can add in FreeRadius, but can it HA the authentication? http://www.opttic.com/best-open-source-firewall
- FreeRadius add-in for OpenID Connect: https://github.com/jimdigriz/freeradius-oauth2-perl
- And don’t forget there are other OpenID providers: https://parse.com/tutorials/adding-third-party-authentication-to-your-web-app
But here’s the chicken and egg problem of 802.1x Auth using Internet Login: https://groups.google.com/forum/#!topic/google-federated-login-api/JtEoXdsqfgU
And do Google really want to be an IdP? http://stackoverflow.com/questions/9088864/google-apps-as-identity-provider (or is this only a SAML issue?)