Network Access Control for Wired and Wireless Campus Network using 802.1X

OData support
Dr. Fehér Gábor
Department of Telecommunications and Media Informatics

As the mobile devices are more common to use, to make a proper authentication for the university network became a more critical task. The thesis aims to introduce the 802.1x based network authentication solutions, which potentially can replace the current system.

The test network was set up in the Electrical Engineering and Computer Science’s dormitory. It is a suitable place to meet the problems right at the design step, so we can find a solution to them before they come up in the live network. The users in the dormitory use several types of devices to connect to the network, not only standard and well described devices and operation systems.

By the design of the test network, there is another point we should keep in mind. The network devices are now in end-of-life state, so we should change them int he next semester or so. We should think about what vendors can we use in the new network instead or with the currently used Cisco. The new vendors must offer the same effiency as the currently used authentication methods.

The requirements of the new scheme are the following. We should be able to handle different user-groups, and define rules for these groups to access the network. We must be able to handle a wide range of devices, and also be able to handle the exceptions. We already have a directory of the users so the new system must work with this as well.

On one hand I used FreeRADIUS with smart network devices, which can work as NAS in the process, ont he other hand I used a portal-based solution that does not presuppose the existence of manageable network devices.

In my thesis I wrote about the planning considerations raised during the planning steps, I present the used protocols, the main steps of the configuration, and testing.


Please sign in to download the files of this thesis.