Introduction
Things to mention:
802.1X consists of blocking all packets at the client's point of access into the network, including all broadcast packets, etc. It is possible on Wi-Fi, ethernet and other mediums.
What RADIUS/802.1X is able to provide and not and in which situations.
Architecture
Things to mention:
Re-auth, accounting, request from server, features supported by TP-Link NASes
Terminology: NAS, RADIUS, FreeRADIUS, Authenticator, Supplicant, Authentication server
Protocols used: EAP, MSCHAP, PEAP, TTLS, TLS
Difference between auth systems: PEAP, TTLS, TLS
RADIUS is the protocol, it can be used for many purposes and many authentication methods can be used.
Certificates
Outer and inner identity and MAC/Windows support
Inner tunnel and outer tunnel sites
authorize, authenticate, post-auth, etc. sections
clients.conf
sites-available
mods-available
Sources
Support / Knowledge places
FreeRADIUS wiki:
FreeRADIUS mailing list:
https://wiki.freeradius.org/guide/Users-Mailing-List
http://lists.freeradius.org/mailman/listinfo/freeradius-users