Repository : ssh://git@diktynna/doc On branches: backup-redmine/2024-02-03,main
commit 9a8c4251c873999b7d5cfede127bd6aa21688a8e Author: Linus Lüssing linus.luessing@c0d3.blue Date: Thu Feb 1 06:36:38 2024 +0000
doc: open-mesh/OpenHarbors
9a8c4251c873999b7d5cfede127bd6aa21688a8e open-mesh/OpenHarbors.textile | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/open-mesh/OpenHarbors.textile b/open-mesh/OpenHarbors.textile index 223ca191..ce242920 100644 --- a/open-mesh/OpenHarbors.textile +++ b/open-mesh/OpenHarbors.textile @@ -53,8 +53,12 @@ The second issue with WBA OpenRoaming is that it currently requires a membership
h2. Solution
+---- + # Determine the tunnel destination from a domain suffix in the unencrypted login name (ak. "identity") the user provided -# Tunnel the full WPA exchange over IP +# Tunnel the full WPA exchange (EAPoL + encrypted payload) over IP + +---
Or in other words, move the 802.1x authenticator from the AP to a remote host of a user's choosing: