Security

Reply
New Contributor
Posts: 1
Registered: ‎01-22-2013

802.1x Machine and User Auth - looking for a more reliable way

[ Edited ]

We have machine and user auth working. The issue comes in with many of our users in cases like this:

 

1) User shuts down laptop and takes it home. They boot up at home and start working on a project. They hibernate the laptop so they don't lose their work and come back to the office. They dock and take the laptop out of hibernation and continue working. They undock - no wireless access. I have them reboot - works fine. Issue is that ClearPass cache times out and the machine never authenticated back in.

 

2) Company policy is to have wireless disabled when there is a wired connection. This is accomplished with a BIOS setting so there is no user interaction. Users boot up docked, then undock to head to a meeting...no wireless access because the CP server never sees the machine authentication because it booted up with the wireless off.

 

There are other cases but I believe you get the point. What I am looking to do is have it so domain users cannot onboard devices without going through the onboarding process but also not make users reboot to get on the wireless network.

MVP
Posts: 1,413
Registered: ‎11-30-2011

Re: 802.1x Machine and User Auth - looking for a more reliable way

[ Edited ]

i don't believe this is possible, machine auth only happens in the crtl-alt-del screen, that is how Windows works.

 

from windows 7 (or perhaps vista) you can also only auth with machine, so outside of ctrl-al-del screen, but then it isnt machine and user auth anymore.

Search Airheads
Showing results for 
Search instead for 
Did you mean: