Assume a new user is logging into the network for the first time and he starts his computer which has been configured for 802.1x PEAP. I have checked off the option 'Automatically use my Windows logon name and password' in LAN properties
Now, after the computer starts, the user is presented with the regular Windows dialog logon box to which he hits Ctrl+Alt+Del and enters his Windows AD credentials. I want those credentials to be sent to the switch as part of the 802.1x logon. After the port is authorized, those same credentials should be passed onto Active Directory to become authenticated to the Windows network.
Possible? I'm assuming this is the way it should & can work
This depends on the order of services being loaded by the Operating systems at the startup.If the option "Automatically use my Windows logon name and password" in LAN that should be fine for 802.1X authentication.So this should work for both LAN and AD in windows.
Hi, you need machine authentication as well. Otherwise Windows will not be able to verify the user's identity and cannot log the user in. Windows authentication of the user takes place before the switchport authenticates for the user. Machine authentication allows the computer to authenticate and get access to the network before the user logs in. Thus the user authentication CAN take place because the DC's are only available after machine authentication succeeded.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :