Wireless/Wired Connections

Unanswered Question
Mar 27th, 2008

What, if any would be the best solution to deal with users connecting to a wired infrastructure but also connected to another organization wireless? We want to only permit wired when connected. The end users are not domain controlled but 802.1x authenticated. Options? much appreciated.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
sabhasin Thu, 03/27/2008 - 21:32

one way to do this would be with a supplicant (CSSC). another would be to use CSA (Cisco security Agent)...

jafrazie Fri, 03/28/2008 - 20:56

Do you mean you need to kill WLAN when connected to wired and/or vice-versa?

bcolvin Mon, 03/31/2008 - 23:05

one solution is Network Access Quarantine provided by Microsoft IAS/Radius server. As part of the authentication process a script is run on the client to verify it meets the requirements for connection to the network

Here is a link to a white paper describing the features.

http://download.microsoft.com/download/0/7/e/07ed1953-0ab5-41ea-b5da-41cf8bb9cdae/Quarantine.doc

The client does not have to be a member of the domain.

Bill

bradbrookc Tue, 04/01/2008 - 07:18

Thanks Bill, that's great. Do you know of any way to accomplish the same with freeradius? IAS is nice but doesn't support as many EAP types as we require.

thanks

bcolvin Tue, 04/01/2008 - 21:44

I don't know of any solutions of this type that don't cost money.

Is it possible for you clients to standardize on one tyoe of EAP to connect to your system.

good luck

Bill

jafrazie Tue, 04/01/2008 - 22:01

It should be possible for you to load a client that disallows/favors one type of media or the other. i.e. Disable WLAN is wire is plugged in, etc.

pablo1711 Thu, 04/17/2008 - 16:46

Juniper Odyssey Access Client.

This can be modified by an Admin and a user MSI file can be produced.

Once of the options is to overide WLAN when the device is connected to the Wired network. You can also restrict wireless access to certain SSIDs or just to WLANs with certain security critera

Chargeable client though at about $50 a seat. There is a 15 day full functional demo available to download from the Juniper site.

HTH

Paul

Actions

This Discussion

 

 

Trending Topics - Security & Network