Security

Who Me Too'd this topic

New Contributor

802.1x Machine and User Auth - looking for a more reliable way

We have machine and user auth working. The issue comes in with many of our users in cases like this:

 

1) User shuts down laptop and takes it home. They boot up at home and start working on a project. They hibernate the laptop so they don't lose their work and come back to the office. They dock and take the laptop out of hibernation and continue working. They undock - no wireless access. I have them reboot - works fine. Issue is that ClearPass cache times out and the machine never authenticated back in.

 

2) Company policy is to have wireless disabled when there is a wired connection. This is accomplished with a BIOS setting so there is no user interaction. Users boot up docked, then undock to head to a meeting...no wireless access because the CP server never sees the machine authentication because it booted up with the wireless off.

 

There are other cases but I believe you get the point. What I am looking to do is have it so domain users cannot onboard devices without going through the onboarding process but also not make users reboot to get on the wireless network.

Who Me Too'd this topic