Sitemap

Amicuk Programming Answers

Some questions on 802.1x?

2015-10-11   Views:0

Advertisement

Hello Everyone I have few questions regarding 802.1x authetication in wierd enviornment and with VLAN assignment by ACS. Please help me with these 1. How do I use 802.1x authentication in Windows enviornment with domain authentication? Is that the PC

Hello Everyone
I have few questions regarding 802.1x authetication in wierd enviornment and with VLAN assignment by ACS. Please help me with these
1. How do I use 802.1x authentication in Windows enviornment with domain authentication? Is that the PC first needs to have authenticated and then the user? If thats the case how do I configure windows for that?
2. Is it possible to have access-control based on roles? I have read about this on blogs but how do I configure? Any resources?
3.  I have 3-4 offices at different locations and one data center where RADIUS server and other intranet application are hosted. All sites are having MPLS connectivity and using same Radius server.  A user is configured in ACS for dynamic VLAN assignment to VLAN 25. From Office A ( user's primary office) he would not have any problems in authentication. What if user is going to Office B and tries to authenticate?  Will he assigned to VLAN 25? What if VLAN 25 is not present in Office B? How do we deal with this situation?
I know I have asked a lot in this post but I will be very greatful if you can help me with this.
Thanks in advance
Deepak Khemani

The replay answer
Advertisement
Deepak ,
1) You can setup either way (machine or user authentication). Machine or user needs to be authenticated and then Radius server assigns the appropriate vlan.
2) Yes, that is what dynamic vlan assignment is all about.
This doc will give you heads up about dot1x. 
http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_13_ea1/configuration/guide/Sw8021x.html
3) If user logs in from office B you can assign different vlan that allows access as per user profile (incase vlan25 is not present at remote office). I'm not sure about your setup but this is very much achievable.
Regards,
~JG
Do rate helpful posts!

Go to See the other 2 answers

Some questions on 802.1x?

Category:DefaultRelease time:2015-10-11Views:130

Hello Everyone I have few questions regarding 802.1x authetication in wierd enviornment and with VLAN assignment by ACS. Please help me with these 1. How do I use 802.1x authentication in Windows enviornment with domain authentication? Is that the PC[More]

Question about 802.11n enabler

Category:DefaultRelease time:-0001-11-30Views:130

Hey folks. I just purchased the 802.11n enabler, however, i don't see any improvement in terms of speed or connection stablity. I checked network ulity, and it says it's installed, so.. what's the deal?You are right. 802.11n works only when there is[More]

Enabling 802.1x and MAC Authentication Bypass on ACS 4.2

Category:DefaultRelease time:-0001-11-30Views:130

Hi experts, I have a few questions regarding 802.1x & MAC Authentication Bypass configured on ACS 4.2. i. Is it possible to configure MAC authentication + 802.1x on ACS 4.2 at the same time? Here is the scenario; Our company would like to enforce 'do[More]

802.1x with AD authentication in a wired environment

Category:DefaultRelease time:-0001-11-30Views:130

Hello, I have a question about 802.1x authentication. I want use a combination from 802.1x and a domain authentication on a AD from microsoft. I think the first login request is the domain login, but the port on the switch is always blocked. After th[More]

802.1x bypassed?

Category:DefaultRelease time:-0001-11-30Views:130

Hi everybody. I have  a question on 802.1x. h1-----------hub---------f1/1-SW-------Radius server.                      |                      h2 h1 is a legitimate user while h2 is not.  h1 powers up while h2 is off.  h1 uses 802.1x and gets authenti[More]

Third Party Certificate, 802.1X and Intermediate Certificate

Category:DefaultRelease time:-0001-11-30Views:130

Hi Guys, Quick question: Have 802.1x setup with Windows Radius Server - Installed a Godaddy certificate which came with an intermediate root certificate.  I would like clients to validate the certificate to connect to the 802.1x, -  Question: Do i ne[More]

Network problem after new OSX update download

Category:DefaultRelease time:2015-10-11Views:130

Greetings! I've had a new (late 06) Intel 24" iMac networked wirelessly to my older iMac/cable modem/D-Link router very successfully since October. No problems and seamless set-up through the D-Link online wizard software. Saturday I noticed an OSX u[More]

Apple TV 'N' replace 2x Airport 'Gs'?

Category:DefaultRelease time:2015-10-11Views:130

I have a blackspot in my house which happen to be in the room where my iMac is (no, I can't move the iMac). To cover this I have to boost/relay my Airport Express with an old Airport Extreme. Not a major problem. If I was to get into the Apple TV tha[More]

802.1x for user authentication setup questions

Category:DefaultRelease time:2015-10-11Views:130

Hi, I am fairly new to the 802.1x realm, I have read several documents on how the setup is accomplished and I was hoping someone could validate the setup I have in mind to make sure I am on the right page.  Any comments or assistance would be greatly[More]

802.1X Port Authentication\ACS Question

Category:DefaultRelease time:-0001-11-30Views:130

Hello, I"m troubleshooting a 3560 port authentication issue. From what I was told from other members of my team when we upgraded to windows 7 at this site authentication no longer works. I compared an old config to a recent one and noticed there was[More]

802.1x Dynamic VLAN Switching Question

Category:DefaultRelease time:-0001-11-30Views:130

Trying to set up 802.1x dynamic VLAN switching, and have a question. I think I've gotten it working except for one part. The VLAN on a protected interface is never getting switched. I can see an entry in the ACS stating that it applied the appropriat[More]

Hot
I have had my iPhone for about a year, and I have a photo file from my old blackberry. When I go to back up my photos, it only backs up the camera roll. How do I back up the other album? The laptop where I had those photos broke, please can someone h [More]
Hi, We need to set Approval based on monthly Budget amount wise ex: We set up budget amount Total year is 60000 based on GL Account (Service Charges)wise in Budget scenario set up per month is i.e., April 5000 May = 5000 June = 5000 July = 5000 Aug = [More]
Dear all, I am using Toshiba satellite L855-S5186, and bad luck, I erased disk by toshiba tool. I inserted windows 8 DVD to check partition, and result is : windows 8 partition lost but Recovery partition still exist and full data, OMG, lucky. And th [More]
I'd like any attchment attched to the form to also be available to the distributed email. Is this possible?I understand.  Normally we have an "Ideas" page in this forum I'd point you to for adding and voting on Feature Requests but it is not wor [More]
and want iTunes to use my existing music library from the (still existing) previous partition, so I can sync my iPhone without wiping it. I've "transferred purchases" so any music I bought off iTunes and all apps etc are on the new install, but [More]
I have Company code having HQ address , the Warehouse as Plant address. We want to have asset and service procurement for HQ/Warehouse Is it possible since my plant is having Warehouse address,since if I create PO for asset it will show me warehouse [More]
If I add titles in an iPhoto slide show, they appear in the upper left hand corner of each slide. When I send the slide show to iDVD, the titles are outside of the TV-safe area and do not show on the DVD when played on a TV. Any suggestions as to how [More]
Hi, I've just started working on the Avitek Tutorials. Encountered the following error message when testing the connection pools for both the XA and non-XA connections. Warning! Connectivity to backend database not verified. This is either because re [More]
Hi, After upgrading my NI Developper Suite from rel. 8.2 to 8.2.1 (clean install, means deinstalling the rel. 8.2 and new install of rel. 8.2.1, incl. DAQmx 8.5). Installing the software trough MAXn the new PXI-8106 RT controller, everything is worki [More]
I want to cancel my accountWhat type of account for what? This is a forum for discussion of Printing and Prepress issues associated with Acrobat and PDF. You'll need to discuss your cancellation issue with someone in Adobe Customer Support. We cannot [More]