Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
773
Views
0
Helpful
9
Replies

Wireless/Wired Connections

bradbrookc
Level 1
Level 1

‎03-27-2008 07:29 PM - edited ‎07-03-2021 03:36 PM

What, if any would be the best solution to deal with users connecting to a wired infrastructure but also connected to another organization wireless? We want to only permit wired when connected. The end users are not domain controlled but 802.1x authenticated. Options? much appreciated.

Labels:
0 Helpful
9 Replies 9

sabhasin
Cisco Employee
Cisco Employee

‎03-27-2008 09:32 PM

one way to do this would be with a supplicant (CSSC). another would be to use CSA (Cisco security Agent)...

0 Helpful

jafrazie
Cisco Employee
Cisco Employee

‎03-28-2008 08:56 PM

Do you mean you need to kill WLAN when connected to wired and/or vice-versa?

0 Helpful

bradbrookc
Level 1
Level 1
In response to jafrazie

‎03-31-2008 06:47 AM

Correct, since potentially the WLAN is another org's

0 Helpful

bcolvin
Level 3
Level 3
In response to bradbrookc

‎03-31-2008 11:05 PM

one solution is Network Access Quarantine provided by Microsoft IAS/Radius server. As part of the authentication process a script is run on the client to verify it meets the requirements for connection to the network

Here is a link to a white paper describing the features.

http://download.microsoft.com/download/0/7/e/07ed1953-0ab5-41ea-b5da-41cf8bb9cdae/Quarantine.doc

The client does not have to be a member of the domain.

Bill

0 Helpful

bradbrookc
Level 1
Level 1
In response to bcolvin

‎04-01-2008 07:18 AM

Thanks Bill, that's great. Do you know of any way to accomplish the same with freeradius? IAS is nice but doesn't support as many EAP types as we require.

thanks

0 Helpful

bcolvin
Level 3
Level 3
In response to bradbrookc

‎04-01-2008 09:44 PM

I don't know of any solutions of this type that don't cost money.

Is it possible for you clients to standardize on one tyoe of EAP to connect to your system.

good luck

Bill

0 Helpful

jafrazie
Cisco Employee
Cisco Employee
In response to bcolvin

‎04-01-2008 10:01 PM

It should be possible for you to load a client that disallows/favors one type of media or the other. i.e. Disable WLAN is wire is plugged in, etc.

0 Helpful

bradbrookc
Level 1
Level 1
In response to jafrazie

‎04-02-2008 09:36 AM

which client would recommend?

0 Helpful

pablo1711
Level 1
Level 1

‎04-17-2008 04:46 PM

Juniper Odyssey Access Client.

This can be modified by an Admin and a user MSI file can be produced.

Once of the options is to overide WLAN when the device is connected to the Wired network. You can also restrict wireless access to certain SSIDs or just to WLANs with certain security critera

Chargeable client though at about $50 a seat. There is a 15 day full functional demo available to download from the Juniper site.

HTH

Paul

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card