https://community.cisco.com/t5/network-access-control/802-1x-in-windows-10-with-hypver-v/m-p/2916571#M40010 <P>Hi Steven-</P> <P>The issues that you are facing are not with the supplicant/client but the network access device (NAD) which in your case is the vSwitch which does not understand/support 802.1x/EAPoL.&nbsp;</P> <P>To provide secure access in your scenario you will also need the Nexus 1000v and SGT/SGA/TrustSec.&nbsp;</P> <P>Have a look at the following link:</P> <P><A href="http://blogs.cisco.com/enterprise/using-trustsec-to-simplify-virtual-desktop-infrastructure-vdi-deployment?_ga=1.71414867.1971257750.1450676310">http://blogs.cisco.com/enterprise/using-trustsec-to-simplify-virtual-desktop-infrastructure-vdi-deployment?_ga=1.71414867.1971257750.1450676310</A></P> <P><EM>Thank you for rating helpful posts!</EM></P> Tue, 29 Mar 2016 07:32:59 GMT nspasov 2016-03-29T07:32:59Z https://community.cisco.com/t5/network-access-control/802-1x-in-windows-10-with-hypver-v/m-p/2916570#M40009 <P>Hello,</P> <P></P> <P>I'm trying to get Windows 10 with Hypver-v enabled to successfully complete 802.1x negotiations and posture assessment with Cisco ISE. &nbsp;When Hypver-V is enabled on Windows 10 with an External type vSwitch, the 802.1x service is moved from the physical NIC to the vSwitch nic. &nbsp;The issue I have noticed is that the vSwitch nic does not respond to any EAPOL messages. &nbsp;As a workaround, I have tried to leverage the Cisco NAM module to negotiate 802.1x which does work, but the issue is that the Cisco Anyconnect Network Access Manager Filter Driver does not recognize the existence of the vSwitch nic. &nbsp;</P> <P>In the below pic, 802.1x auth completed successfully but anyconnect can't determine the status because the Filter Driver is not functioning on the vSwitch nic.</P> <P><IMG src="https://community.cisco.com/legacyfs/online/media/anyconnectauth.png" class="migrated-markup-image" /></P> <P></P> <P>vSwitch nic (Filter Driver is there but non functional. &nbsp;If I click the checkbox and then click Ok Windows prompts to disable the driver which is odd. &nbsp;It is as if Windows believes the driver is falsely enabled.)</P> <P><IMG src="https://community.cisco.com/legacyfs/online/media/vswitchnic.png" class="migrated-markup-image" /></P> <P></P> <P>The physical nic has the Filter Driver enabled but because Windows 10 has moved all the network functionality to the vSwitch nic, Cisco NAM is looking in the wrong place.</P> <P><IMG src="https://community.cisco.com/legacyfs/online/media/surfacebook-physical.png" class="migrated-markup-image" /></P> <P></P> <P>Thank you for your help.</P> Mon, 11 Mar 2019 06:34:22 GMT https://community.cisco.com/t5/network-access-control/802-1x-in-windows-10-with-hypver-v/m-p/2916570#M40009 steven austin 2019-03-11T06:34:22Z https://community.cisco.com/t5/network-access-control/802-1x-in-windows-10-with-hypver-v/m-p/2916571#M40010 <P>Hi Steven-</P> <P>The issues that you are facing are not with the supplicant/client but the network access device (NAD) which in your case is the vSwitch which does not understand/support 802.1x/EAPoL.&nbsp;</P> <P>To provide secure access in your scenario you will also need the Nexus 1000v and SGT/SGA/TrustSec.&nbsp;</P> <P>Have a look at the following link:</P> <P><A href="http://blogs.cisco.com/enterprise/using-trustsec-to-simplify-virtual-desktop-infrastructure-vdi-deployment?_ga=1.71414867.1971257750.1450676310">http://blogs.cisco.com/enterprise/using-trustsec-to-simplify-virtual-desktop-infrastructure-vdi-deployment?_ga=1.71414867.1971257750.1450676310</A></P> <P><EM>Thank you for rating helpful posts!</EM></P> Tue, 29 Mar 2016 07:32:59 GMT https://community.cisco.com/t5/network-access-control/802-1x-in-windows-10-with-hypver-v/m-p/2916571#M40010 nspasov 2016-03-29T07:32:59Z https://community.cisco.com/t5/network-access-control/802-1x-in-windows-10-with-hypver-v/m-p/3942088#M40011 <DIV class="uvUserActionBody"> <DIV class="typeset"> <P>It is supported with Windows Server 2019 &amp; Windows 10 version 1809 and above. 802.1x through the Hyper-V vSwitch is supported by making following registry edit:</P> <P>Run the following from an elevated command prompt.</P> <PRE>reg add “HKEY_LOCAL_MACHINE\<SPAN class="caps">SYSTEM</SPAN>\CurrentControlSet\Services\vmsmp\parameters” /v 8021xEnabled /t REG_DWORD /d 1 /f <BR />shutdown /r /t 0</PRE> <P>Source: <A href="https://windowsserver.uservoice.com/forums/295050-virtualization/suggestions/8619418-let-hyper-v-virtual-switch-forward-802-1x-authenti" target="_blank">https://windowsserver.uservoice.com/forums/295050-virtualization/suggestions/8619418-let-hyper-v-virtual-switch-forward-802-1x-authenti</A></P> <P>&nbsp;</P> </DIV> </DIV> Thu, 17 Oct 2019 00:27:54 GMT https://community.cisco.com/t5/network-access-control/802-1x-in-windows-10-with-hypver-v/m-p/3942088#M40011 howon 2019-10-17T00:27:54Z