Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
After a user logs into a machine how quickly should the NAC Agent pop up and beging the ADSSO process?I have a 4.8 installation in my lab and while the ADSSO works, it takes roughly 1 minute (timed) before the agent pops up and begins the ADSSO proce...
Switching vlans works fine when the user is authenticated. The machine is on vlan X, user logs in, port changes to vlan Y and then receives an ip address from vlan Y. When user logs off, machine reauths and goes back to vlan X.However, when I use the...
I'm not sure if what I want to do is possible so hopefully someone can set me straight.Right now when a user doesn't have a 802.1x capable machine, they are assigned to the guest VLAN. Then using the dot1x fallback command we could force them to use ...
Currently in my lab guests on my network are assigned to our guest vlan via the RAC in the ACS server.Now I could also change the RAC to not assign the vlan and instead use the dot1x guest-vlan command on the switch ports.I'm wondering if there is a...
When using CTA 2.1 with the 802.1x supplement, first the machine would authenticate upon boot up and then when the user logged in they would be re-authenticated and any particular user settings would be applied. This was all evident in the ACS logs.H...
Ahh, I gotcha.So for a vendor coming in that might have 802.1x enabled it would fail right away, but for a domain machine that auths and then someone tries to log in locally it won't.I can probably live with that. People aren't supposed to log in loc...
Well having no luck going to my RADIUS server directly from the WLC I decided to try using our test ACS server in the mix. I configured it to talk to the RSA RADIUS server and reconfigured to the WLC to talk to the ACS server.Except for not selecting...
Well I loaded the secure services client on an XP machine and have tried all the different EAP methods using password and token and I get the exact same messages in the logs on the 2106 and the same messages in the accounting logs on the RADIUS serve...
