[ipxe-devel] EAP Authentication Methods?

[Joshua Oreman]

On Tue, Mar 29, 2011 at 6:03 PM, Gregory Fuller
<gregory.fuller at oswego.edu> wrote:
> I see that there is basic EAP Over LAN (EAPOL) support in iPXE.
> Anyone working on adding EAP authentication methods such as EAP-MD5,
> EAP-TLS, EAP-PEAP, etc?  It would be great if this support was
> available.  We currently use gPXE to bootstrap our LANDesk PXE boot
> menu which is provided by DHCP options and provide additional boot
> options to client.  But we are moving from open data ports to secure
> 802.1x enabled ports where we can't enable any sort of open access
> which would allow this to still function.  Typically you could use MAC
> based authentication at the switchport to get PXE functionality
> working on a dot1x port (ie: allow the client on the network), but we
> are unable to do that the way we are configured.  It would be nice if
> iPXE had even basic EAP-MD5 support which would allow PXE clients to
> authenticate to the switchport and load our imaging software over the
> network.  I'm willing to test if someone is working on building this
> support in!

Hi Gregory,

I'm the one who originally developed the 802.11 support for iPXE, and
I threw in the EAP stub in the hopes that someone would have the time
I didn't to actually get "WPA Enterprise" working. The same mechanism
would support EAP on a wired LAN.

Unfortunately, I've been very busy at school and I don't have much
time for iPXE these days, but I'd be happy to offer guidance if anyone
else is interested in implementing this. I may also have more time
over the summer.

Best,
Josh

>
> --greg
>
>
> Gregory A. Fuller - CCNA
> Network Manager
> State University of New York at Oswego
> Phone: (315) 312-5750
> http://www.oswego.edu/~gfuller
> _______________________________________________
> ipxe-devel mailing list
> ipxe-devel at lists.ipxe.org
> https://lists.ipxe.org/mailman/listinfo/ipxe-devel
>