I have a customer requirement that no user should be able to use the network resources (proxy, firewall authentication, mail etc etc.) without being authenticated on the network level, say, every morning. Typically we observe that machines have a lease period from DHCP and quite often either we don't shutdown the desktop or keep the notebook in hibernate mode between usages. Customer wants to enforce the users authentication more often.
I have observed myself that even I don't get network authenticated (through my domain server) I can still, atleast, access the proxy for Internet. How do we avoid this?
The customer environment is on Cat400X/Cat65XX switches. Can we enforce a policy on the switch that user should be able to use the switchport only after authentication either on TACACS or (preferably) Win2K domain controllers?
The MAC based authentication that is mentioned for network security doesn't really suffice because desktop rarely change the MAC address. More frequent authentication has to happen, say every morning when we logon for network resources.
Other option I am exploring is, if we can do something on the Windows environment.
I think your customer's requirements( Network level) are too strict. If you need access to the internet, then proxy alone should authenticate the user. If you need access to mail, then it can be done by your mail server, etc etc. You can have a MS Active Directory to authenticate users for Network resources.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.