Using 802.1x and 2 hosts (one physical and one virtual) on the same port
We trying to utilize the following scenario:
BYOD with users' windows based laptops and Apple Mac Books
Virtual machines within each of the physical machines: For Windows, the VMs will be Windows 7 VMs running within VM Workstation. For Macs, users will be running Windows 7 VMs within Fusion.
802.1x set for multi-host
Using 802.1x, we have a guest network that places the user's physical machine in once it fails authentication. The virtual machine runs the corporate image, and we'd like to have this VM connected to our corporate VLAN.
We have been running into this scenario though:
1. User plugs his BYOD laptop from into the network. His laptop gets attached to the guest network because it fails the 802.1x check.
2.The VM is powered on. It successfully is connected to the corporate network.
3.Now, the user unplugs his network cable from his host machine and waits 10 seconds.
4.He then re-plugs the network cable to his host machine.
5.The VM is the first to authenticate to the 802.1x network and it gains access to the corporate network.
6. Due to the VM being the first to authenticate on 802.1x, the host network connection piggybacks off of the VM, and therefore the host gains access to the corporate network
Obviously this represents a no-go if the user's BYOD computer is able to access the corporate network. Is there is any specific way that 802.1x can be configured to prevent this from happening?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :