Message Image

Skip main navigation (Press Enter).

Become a Member

Wireless Access

View Only

Back to discussions

Expand all | Collapse all

802.1x queery...

This thread has been viewed 0 times

stunshotNov 05, 2015 11:14 AM

Hi, have users with laptops docked and connected to the LAN via ethernet, and also wln card enabled. ...

cappalliNov 05, 2015 11:17 AM

You would need to look at using certificates if you need this functionality. Thanks, Tim

cjosephNov 05, 2015 11:20 AM

Machine + user authentication works good if a user is on wireless most of the day. It does not work ...

stunshotNov 05, 2015 12:50 PM

Cheers chaps, were using radius on win domain,no clearpass.. Tim can you briefly explain why this ...

cappalliNov 05, 2015 12:52 PM

You can issue certs to users which can be used for both wired and wireless authentications. Your policy ...

1. 802.1x queery...

0 Kudos
stunshot
Posted Nov 05, 2015 11:14 AM

Reply Reply Privately
Hi, have users with laptops docked and connected to the LAN via ethernet, and also wln card enabled.

They log in and authenticate via the wired interface but would like to remove the laptop and carry on working via the Wlan which is configured with an 802.1x profile machine and user auth but it does not work seamlessly, have to re auth or reboot. I believe this is doable ??

Thanks
2. RE: 802.1x queery...

0 Kudos
cappalli

Employee
Posted Nov 05, 2015 11:17 AM

Reply Reply Privately
You would need to look at using certificates if you need this functionality.

Thanks,
Tim
3. RE: 802.1x queery...

0 Kudos
cjoseph

MVP
Posted Nov 05, 2015 11:20 AM

Reply Reply Privately
Machine + user authentication works good if a user is on wireless most of the day. It does not work well if they are on wired, because their machine authentication status times out on the wireless, and when they undock, they are only considered user authenticated.

Most people extend the machine authentication timer to account for the time they will not be on wireless. Below is where you change it for ClearPass:
4. RE: 802.1x queery...

0 Kudos
stunshot
Posted Nov 05, 2015 12:50 PM

Reply Reply Privately
Cheers chaps, were using radius on win domain,no clearpass.. Tim can you briefly explain why this will only work with certs ??

Thanks
5. RE: 802.1x queery...

0 Kudos
cappalli

Employee
Posted Nov 05, 2015 12:52 PM

Reply Reply Privately
You can issue certs to users which can be used for both wired and wireless authentications. Your policy can check to see if they have a valid cert from "X" CA and know that it's a valid computer and user.

Contact

WW Corporate Headquarters - Spring, TX - United States
1701 E Mossy Oaks Rd
Spring, TX 77389

Disclaimer

The resource assets in this website may include abbreviated and/or legacy terminology for HPE Aruba Networking products. See www.hpe.com for current and complete HPE Aruba Networking product lines and names.

Company

Environmental Citizenship

Terms of service

Support

Support Services

Contact Support

Training & Certification

Software Downloads

Licensing Login

Partners

Become a Partner

Partner Ready for Networking

Technology Partner Programs

Copyright 2024. All rights reserved.

Powered by Higher Logic