Authentication in an Wired Network

[gragnous]

Can you point me in the right direction to learn about how to authenticate clients in a wired network, similar to a key in a WiFi network?

I'm hoping there is a simple way to keep an unapproved device from being plugged into and gaining access to the data on a wired network. We're currently using a off the shelf router flashed with DD-WRT, but I've been experimenting with and will likely switch to PFsense.

 

[sfx2000]

Here is the Cisco way of doing things - pretty much a good read, and similar to how others do it (terms might be different, but the fundamentals are the same)

http://www.cisco.com/c/en/us/td/doc...a1/configuration/guide/2940scg_1/sw8021x.html

 

[System Error Message]

simplest answer is RADIUS. There are ways you can guard your wired network with a managed switch though aside from authentication.

 

[Cloud200]

There are a few ways to do this based on what your needs really are;
If you are just looking to block access to the internet . . . a captive portal authenticating to either a simple passcode or database will work.
If you are looking to completely block access to the LAN . . . 802.1x authenticated off of a RADIUS server is considered industry standard.

 

[sfx2000]

If you are looking to completely block access to the LAN . . . 802.1x authenticated off of a RADIUS server is considered industry standard.

He's proposing the wire, so RADIUS is the answer with a managed switch perhaps..

 

[cobra_shipwreck]

You can do mac address based security. I will check to see if you can manage wired hosts on the asus merlin firmware.