RE: [dhcwg] DHCP interconnected to RADIUS for AAA
"Chen, Weijing" <wchen@tri.sbc.com> Tue, 11 March 2003 16:25 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA25972; Tue, 11 Mar 2003 11:25:55 -0500 (EST)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h2BGdFO11231; Tue, 11 Mar 2003 11:39:15 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h2BGcmO11201 for <dhcwg@optimus.ietf.org>; Tue, 11 Mar 2003 11:38:48 -0500
Received: from howler.tri.sbc.com (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA25845 for <dhcwg@ietf.org>; Tue, 11 Mar 2003 11:24:46 -0500 (EST)
Received: from sbctri.tri.sbc.com (mayhem-web-dmz.tri.sbc.com [144.60.9.137]) by howler.tri.sbc.com (8.12.8/8.12.5) with ESMTP id h2BGM6Tq019967; Tue, 11 Mar 2003 10:22:06 -0600 (CST)
Received: from TRIMAIL2.ad.tri.sbc.com (localhost [127.0.0.1]) by sbctri.tri.sbc.com (8.11.6+Sun/8.9.3) with ESMTP id h2BGM5D05147; Tue, 11 Mar 2003 10:22:05 -0600 (CST)
Received: by trimail2 with Internet Mail Service (5.5.2653.19) id <GP097J18>; Tue, 11 Mar 2003 10:22:05 -0600
Message-ID: <905A1C4ABF353F4C8CC16FA9F53DD0D632280D@trimail2>
From: "Chen, Weijing" <wchen@tri.sbc.com>
To: 'John Schnizlein' <jschnizl@cisco.com>, Erik Nordmark <Erik.Nordmark@sun.com>
Cc: Shankar Agarwal <shankar_agarwal@net.com>, rbhibbs@pacbell.net, Dhcwg <dhcwg@ietf.org>
Subject: RE: [dhcwg] DHCP interconnected to RADIUS for AAA
Date: Tue, 11 Mar 2003 10:21:57 -0600
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain
Sender: dhcwg-admin@ietf.org
Errors-To: dhcwg-admin@ietf.org
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Id: <dhcwg.ietf.org>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Thanks you all for the reply. After review and discussion, we kind of lean toward over John's suggestion: .1x for authentication, DHCP for address allocation, and all tied together by RADIUS. Anyone can point me to the product actually implementing: client (network device, I think Windows XP is one), access device, RADIUS server and DHCP server as per John's draft? -- Weijing Chen SBC Technology Resources 9505 Arboretum Blvd. Austin, TX 78759 512 372 5710 wchen@tri.sbc.com -----Original Message----- From: John Schnizlein [mailto:jschnizl@cisco.com] Sent: Tuesday, March 11, 2003 9:40 AM To: Erik Nordmark Cc: Shankar Agarwal; rbhibbs@pacbell.net; Dhcwg; Chen, Weijing Subject: Re: [dhcwg] DHCP interconnected to RADIUS for AAA At 08:51 AM 3/11/2003, Erik Nordmark wrote: >> Right now we don't have a simple username password authentication >> mechanism for DHCP and we have something very complicated which will not >> be used in most common deployments. In most of the cases we are happy >> with either cleartext user name password or may be MD5 encoded username >> password authentication. If we put this within the current DHCP >> framework then this will help in replacing the ppp in DSL and cabel >> modem world where username password is used to pick up the profile of >> the user. > >An alternative would be to figure out how PANA and DHC would work >together in this case. Another alternative is to follow the AAA that controls initial access at layer 2 (e.g. RADIUS authentication for IEEE 802.1X) with sending those RADIUS attributes to the DHCP server. This approach protects the access network and separates the functions of user authentication from address (and other parameter) configuration. The mechanism for interworking this way is in draft-ietf-dhc-agentopt-radius-02.txt. John _______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www1.ietf.org/mailman/listinfo/dhcwg
- [dhcwg] DHCP interconnected to RADIUS for AAA Chen, Weijing
- RE: [dhcwg] DHCP interconnected to RADIUS for AAA Barr Hibbs
- RE: [dhcwg] DHCP interconnected to RADIUS for AAA Barr Hibbs
- Re: [dhcwg] DHCP interconnected to RADIUS for AAA Shankar Agarwal
- Re: [dhcwg] DHCP interconnected to RADIUS for AAA Erik Nordmark
- Re: [dhcwg] DHCP interconnected to RADIUS for AAA John Schnizlein
- Re: [dhcwg] DHCP interconnected to RADIUS for AAA Markus Schabel
- RE: [dhcwg] DHCP interconnected to RADIUS for AAA Chen, Weijing
- Re: [dhcwg] DHCP interconnected to RADIUS for AAA Prakash Jayaraman
- Re: [dhcwg] DHCP interconnected to RADIUS for AAA Erik Nordmark
- Re: [dhcwg] DHCP interconnected to RADIUS for AAA Ralph Droms
- RE: [dhcwg] DHCP interconnected to RADIUS for AAA Chen, Weijing
- Re: [dhcwg] DHCP interconnected to RADIUS for AAA Yoshihiro Ohba
- RE: [dhcwg] DHCP interconnected to RADIUS for AAA Gilles, Philippe Bernard