BYOD with users' windows based laptops and Apple Mac Books
Virtual machines within each of the physical machines: For Windows, the VMs will be Windows 7 VMs running within VM Workstation. For Macs, users will be running Windows 7 VMs within Fusion.
802.1x set for multi-host
Using 802.1x, we have a guest network that places the user's physical machine in once it fails authentication. The virtual machine runs the corporate image, and we'd like to have this VM connected to our corporate VLAN.
We have been running into this scenario though:
1. User plugs his BYOD laptop from into the network. His laptop gets attached to the guest network because it fails the 802.1x check.
2.The VM is powered on. It successfully is connected to the corporate network.
3.Now, the user unplugs his network cable from his host machine and waits 10 seconds.
4.He then re-plugs the network cable to his host machine.
5.The VM is the first to authenticate to the 802.1x network and it gains access to the corporate network.
6. Due to the VM being the first to authenticate on 802.1x, the host network connection piggybacks off of the VM, and therefore the host gains access to the corporate network
Obviously this represents a no-go if the user's BYOD computer is able to access the corporate network. Is there is any specific way that 802.1x can be configured to prevent this from happening?