802.1x guest-vlan

scu_comms · ‎09-07-2006

Is there some way to drop a port automatically into the guest-vlan without having to rely on timeouts? That is as soon as a port goes into an up state it defaults to the guest-vlan (rather than being unauthorised).

Also has anyone out there implemented the feature of OSX 10.4.5 and greater that enables 802.1x logins at the login window.

And furthermore can anybody answer why Cisco (after acquiring Meetinghouse) have avoided supporting OSX with the secure services client.

Thanks all

Fernando_Meza · ‎09-07-2006

Hi .. in regards to your first question "Is there some way to drop a port automatically into the guest-vlan without having to rely on timeouts? That is as soon as a port goes into an up state it defaults to the guest-vlan (rather than being unauthorised)." .. I don't believe this is possible as the allocation of guest-vlan or any vlan is triggered by an authentication request which happens as soon as there is link on that port. Now why would you want to default the port to guest-vlan without an authentication request ..?

I hope it helps .. please rate if it does !!!

scu_comms · ‎09-07-2006

Our current Mac labs are running OSX 10.3.9 which does not support 802.1x at login. Currently they authenticate via LDAP to a Novell server.

In order for the user to login to the workstation (via LDAP) the computer needs to be attached to the network. Therefore we propose to drop the user into the guest VLAN where they can login to the computer locally (and that is all they can do) and then when they are logged in they can raise a 802.1x conenction to access network services.