We are currently looking at 802.1x as solution to manual port security but I have heard horror stories about 802.1x deployments due to third party supplicant etc. Were looking at using Microsoft certificate services and Microsoft RADIUS services for the global deployment. Most of the systems are running XP SP2. Has anyone done large scale 802.1x deployments?? If so any advice on what to do and what not to due before I get this into the lab?
I dont have experience with microsoft RADIUS service but I have recently done a demo project for one of my customer for IBNS using 802.1x with guest vlan and failed authentication vlan user assignment.We have use Cisco ACS4.0 server for RADIUS services and used Windows XP's built-in 802.1x supplicant. We used Microsoft PEAP with the certificate service and it all went pretty well.
I have used Cisco's 802.1x supplicant and it has worked pretty well in my tests.You might have to upgrade you switches to the latest IOS for support of authentication failed vlans. The older IOS doesnot have the authentication failed feature.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.