I need to deploy 802.1x with mac-authentication in the network.
> The network diagram is attached.
> The connection between the branches are 10 Gbps and are operating through OSPF routing protocol.
> The ACS (4.1)appliance is residing in the HO branch only.( I have 2 ACS in replication mode, only one active all the time and the other is standby).
> My access switches are Catalyst 3560 with 12.0 IOS version.
> PCs are Vista operating system.
I need to know is there any problem if I deployed the 802.1x with mac-authentication for the whole network i.e the 5000 users must be authenticated through the ACS that resides in the HO.
Is the ACS processor will able to manage all the users authentication, if not what is the soluation?
Is there any latency will happen because of the authentication procees for these huge no. of users?
What is the IOS versions needed to support the 802.1x with my switches.
Finally, in many cisco documents I can see that before the user authenticated he can send only EAPOL, CDP and STP traffic, but in others you will see only EAPOL.. What is the right one?
I am waiting for any help.
Thanks and Best Regards