LanWarden
This project attempts to address the needs for a solid 802.1X based NAC solution using only opensource software (and standards) with a lot of Perl 'glue'. The reason for the birth of this project is that there was nothing opensource or commerical that truely used 802.1X to it's proper potential. There is some History to the project however it all really boils down to that I could not find any current opensource or commerical offers that could address the needs of SOAS, my employer and kind sponsor of this project who allowing me to release this under the GPLv2 licence.
N.B. this project is only suitable for network infrastructure (wired and wireless) that uses 802.1X to operate, this does not mean you have to have your workstations, printers, telephones, etc to all be 802.1X aware though. If your network edge equipment supports 802.1X and can generate 802.1X-esque RADIUS requests based on the connecting MAC address then you will be able to use this software.
At it's heart the project revolves around an LDAP database, the services that use this database are an LDAP enabled and tweaked ISC DHCP server and a slightly modified version of FreeRADIUS. Once you have created the necessary LDAP user accounts and configured a webserver then you should be able to easily configure the core of the system from there, however the FreeRADIUS server is an awkward contender and tricky to handle. For optional DNS to workstation tracking it uses DDNS. This site details how to configure your 802.1X network to configure everything apprioately and use the perl glue, Net::LanWarden, to join everything together.
- News
- History - or why you might want to consider LanWarden over other solutions
- Features
- How It Works
- Documentation
- Links? - references and links to useful material and similar systems that you might find more appropriate
Downloads
I have a lot lurking around and am in the process of putting together something publically digestable but for now I would recommend you contact me for a copy or just watch this space. Currently the Perl glue is being rewritten from scratch and a new LDAP schema being settled upon. The original design showed up how some of my early kludges caused real problems later on and the API started being a bit awkward to work with. I will be regularly updating the online 'git' tree here that you can browse with the link above, if you want your own copy do contact me and I'll send you a tarball.
