05-09-2007 07:46 AM - edited 03-09-2019 05:57 PM
i'm looking for a software that restrict the access to my network to just the domain PCs unless i specify other PCs by MAC or IP address.. in other words, if somebody try to connect his PC/hub/switch to our network, he will get blocked. i saw cisco clean access but i'm not sure if this will be the right software.
05-11-2007 05:02 AM
In that case then I would recommend you to use Radius / 802.1x port based authentication. With Dot1x you can assign user a specific vlan that will let you control user moments across the network.
Please check this link,
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12114ea1/3550scg/sw8021x.htm
05-11-2007 05:08 AM
thank you Jagdeep. that's the answer i'm looking for. it seems i'm going in the right direction. i'm using ACS radius to authenticate. do i need to know these quest users domains in advance as most of the ACS documentation talks about external windows database. do i need to add their PC or not. thank you again for your help.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: