Hi,
I have machine authentication enabled in my network for wireless users and caching for 24 hours. It appears that after machine authentication with domain, acs stores the mac address of wireless card into the cache as successfull authentication. so any user facking same mac address on the pc gets authenticated with acs server as its cached for 24 hours. so if the non legitmate user knows any legitmate mac address (Calling-station-id), he could access the network.
Is there any way we can make machine authentication better from security point of view?
Regards