Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2107
Views
5
Helpful
2
Replies

802.1X and Endpoint Hibernate(mode)

Go to solution
TiUM
Level 1
Level 1

‎05-23-2021 01:42 PM

Hello all, my question will be very simple (maybe).

Before i implement authentication with ISE ppl could do a remote desktop to their machine if they were at home.

 

After the implementation with 802.1x, they can no longer do RDP to there machines when the PC enters in the hibernate mode.

What can i do to mitigate this kind of behavior?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
lrojaslo
Cisco Employee
Cisco Employee

‎05-24-2021 02:16 PM

It is dot1x expected behavior to block by default the port to only permit CDP-LLDP-EAP-STP traffic when the session is not yet authorized. In such case, you can try to have a pre-auth (port) ACL to permit RDP connection to the PC.

 

Otherwise, you can also use open mode (not recommended) to allow such traffic when port/session is not yet authorized.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee

‎05-23-2021 03:41 PM

See a similar conversation here - Unable to RDP to Windows Desktop after dot1x enabled 

Go to solution
lrojaslo
Cisco Employee
Cisco Employee

‎05-24-2021 02:16 PM

It is dot1x expected behavior to block by default the port to only permit CDP-LLDP-EAP-STP traffic when the session is not yet authorized. In such case, you can try to have a pre-auth (port) ACL to permit RDP connection to the PC.

 

Otherwise, you can also use open mode (not recommended) to allow such traffic when port/session is not yet authorized.

0 Helpful
Customers Also Viewed These Support Documents