05-09-2007 07:46 AM - edited 03-09-2019 05:57 PM
i'm looking for a software that restrict the access to my network to just the domain PCs unless i specify other PCs by MAC or IP address.. in other words, if somebody try to connect his PC/hub/switch to our network, he will get blocked. i saw cisco clean access but i'm not sure if this will be the right software.
05-11-2007 05:02 AM
In that case then I would recommend you to use Radius / 802.1x port based authentication. With Dot1x you can assign user a specific vlan that will let you control user moments across the network.
Please check this link,
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12114ea1/3550scg/sw8021x.htm
05-11-2007 05:08 AM
thank you Jagdeep. that's the answer i'm looking for. it seems i'm going in the right direction. i'm using ACS radius to authenticate. do i need to know these quest users domains in advance as most of the ACS documentation talks about external windows database. do i need to add their PC or not. thank you again for your help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide