I am trying to find a solution for guest and PXE to co-exist. I am setting up authentication so that the devices with a certificate will go to vlan 20. If the device don't have our certificate it will go to vlan 30 (guest vlan with only access to the Internet). The problem comes when we have to do pxe installation of a new computer or reinstallation of an old one. Since those devices don't have a cert they will be moved to the guest vlan.
What options do we have for this? The guest vlan should not have access to AD, pxe servers, ISE...
For new computers is it possible to set up a portal where the PC-guys can register the MAC-address of new computers, the MAC is then places in a group called "New computers", and we have a authorization rule that puts all the computers in that group in a deployment/pxe VLAN?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...