Team Proximus

{Zawgyi} Hello! မဂၤလာပါခင္ဗ် ! အရင္တပတ္က က်ေနာ္ 802.1x lab ေလးစမ္းျဖစ္ခဲ့ပါတယ္။ အဲ့ထဲကမွ က်ေနာ္သိခဲ့တဲ့ The IEEE 802.1x standard အေၾကာင္းေလး ေဆြးေႏြးေျပာျပခ်င္ပါတယ္။ The IEEE 802.1x ဆိုတာကေတာ့ LANs ဒါမွမဟုတ္ wireless LANs ထဲမွာ႐ွိေနတဲ့ device အခ်င္းခ်င္း ခ်ိတ္ဆက္အသံုးျပဳရာမွာ သံုးတဲ့ authentication standard ကိုသတ္မွတ္ေပးတဲ့ " စံ " ပါ။ The IEEE 802.1x standard ကိုသိေအာင္မလုပ္ခင္ point-to-point protocol (PPP) နဲ႔ extensible-authentication-protocol (EAP) တို႔ကိုအက်ဥ္းခ်ံဳးေလ့လာၾကည့္မယ္ဆိုရင္ PPP protocol က username နဲ႔ password ကိုသံုးပီး access လုပ္တဲ့ user ကို identify လုပ္တယ္။ EAP protocol က်ေတာ့ password ကေန challenge-response tokens ေတ public-key infrastructure certificate ေတအသံုးျပဳၿပီး authentication လုပ္ပါတယ္။ The IEEE 802.1x standard မွာက်ေတာ့ EAP protocol ကိုသံုးပီး authentication လုပ္တယ္ေပါ့။ အဓိကအားျဖင့္အစိတ္အပိုင္းသံုးခုေပၚအေျခခံပါတယ္။ supplicant (authenticate လုပ္မယ့္ client), radius (authentication server)

Operation Summary Today I tested 802.1x lab with cisco 2960 switch as Authenticator, DaloRadius as Authentication Server and Two window 7 clients as supplicant. Although EAP support different kind of authentication mechanisms, I use simple username and password authentication for lab. Server configuration Installing Free radius [root@radius ~]# yum -y install freeradius freeradius-utils freeradius-mysql Enable freeradius with below commands after successful installation. [root@radius ~]# systemctl start radiusd [root@radius ~]# systemctl enable radiusd Check the service status [root@radius ~]# systemctl status radiusd Start and enable firewalld [root@radius ~]# systemctl enable firewalld [root@radius ~]# systemctl start firewalld [root@radius ~]# systemctl status firewalld Add permanent rules to default zone to allow radius service.   [root@radius ~]# firewall-cmd --add-service=r