Hi All
I have a customer who uses wired docking stations when at desk and wireless when mobile. Wireless is dot1x auth through CPPM. We have enforced Machine Auth so that devices that only auth with user credentials get a deny all role. Machine and user auth gives you full access.
When they unplug their laptop from the docking station, the devices are only performing user auth. If they log off and log on again then the machine auth happens whilst at the windows login screen.
So this brings up three questions:
1) Does the controller cache the machine auth status at all and if so, how long?
2) Is there a way to force a windows machine to do machine AND user auth whenever the state of the network connections change?
3) Does clearpass have a better method of caching the status of the device?
Cheers