Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Wireless/Wired Connections

What, if any would be the best solution to deal with users connecting to a wired infrastructure but also connected to another organization wireless? We want to only permit wired when connected. The end users are not domain controlled but 802.1x authenticated. Options? much appreciated.

9 REPLIES
New Member

Re: Wireless/Wired Connections

one way to do this would be with a supplicant (CSSC). another would be to use CSA (Cisco security Agent)...

Cisco Employee

Re: Wireless/Wired Connections

Do you mean you need to kill WLAN when connected to wired and/or vice-versa?

New Member

Re: Wireless/Wired Connections

Correct, since potentially the WLAN is another org's

Bronze

Re: Wireless/Wired Connections

one solution is Network Access Quarantine provided by Microsoft IAS/Radius server. As part of the authentication process a script is run on the client to verify it meets the requirements for connection to the network

Here is a link to a white paper describing the features.

http://download.microsoft.com/download/0/7/e/07ed1953-0ab5-41ea-b5da-41cf8bb9cdae/Quarantine.doc

The client does not have to be a member of the domain.

Bill

New Member

Re: Wireless/Wired Connections

Thanks Bill, that's great. Do you know of any way to accomplish the same with freeradius? IAS is nice but doesn't support as many EAP types as we require.

thanks

Bronze

Re: Wireless/Wired Connections

I don't know of any solutions of this type that don't cost money.

Is it possible for you clients to standardize on one tyoe of EAP to connect to your system.

good luck

Bill

Cisco Employee

Re: Wireless/Wired Connections

It should be possible for you to load a client that disallows/favors one type of media or the other. i.e. Disable WLAN is wire is plugged in, etc.

New Member

Re: Wireless/Wired Connections

which client would recommend?

New Member

Re: Wireless/Wired Connections

Juniper Odyssey Access Client.

This can be modified by an Admin and a user MSI file can be produced.

Once of the options is to overide WLAN when the device is connected to the Wired network. You can also restrict wireless access to certain SSIDs or just to WLANs with certain security critera

Chargeable client though at about $50 a seat. There is a 15 day full functional demo available to download from the Juniper site.

HTH

Paul

174
Views
0
Helpful
9
Replies