802.1x on wired LAN

Hi there
I implemented a wired 802.1x authenticated network. I only use machine (computer) certificates to authenticate the workstations. Automatic Certificate Enrollment is installed in the Windows 2003 domain. I was wondering what will happen after one year. Right then the certificate is not valid anymore. Auth-Fail VLAN or Guest-VLAN is an Internet-Only VLAN on the firewall.
When users power on their computer the next morning, access will be rejected. Is it possible to do an automatic certificate renewal a few days before the validity of the certificate expires?
Regards
Remco

Your certificate template will have a "renewal period" (for example, 6 weeks). Then, 6 weeks (or whatever the renewal period is) before the certificate is supposed to expire, the workstation will automatically attempt to renew its certificate. As long as the workstation is connected to the domain and has access to the CA at some point during that period, it can update its certificate and hence will not fail authentication.
Hope that helps.
Shelly
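
The renewal window described in the answer above can be checked against an inventory of machine certificates to find workstations that will miss it. This is an added example, not part of the original thread; the host names, dates and the 6-week window are constructed assumptions.

```python
from datetime import date, timedelta

# Assumption: renewal period set on the certificate template (6 weeks, the
# figure the answer above uses as an example).
RENEWAL_PERIOD = timedelta(weeks=6)

# Constructed sample inventory: (hostname, certificate NotAfter, last day the
# machine was on the domain with the CA reachable).
INVENTORY = [
    ("ws-001", date(2025, 12, 1), date(2025, 6, 9)),
    ("ws-002", date(2025, 7, 1), date(2025, 6, 9)),
    ("ws-003", date(2025, 7, 1), date(2025, 5, 2)),
    ("ws-004", date(2025, 6, 1), date(2025, 4, 1)),
]


def classify(not_after, last_seen, today, renewal_period=RENEWAL_PERIOD):
    """Return the certificate state of one workstation.

    valid        renewal window has not opened yet
    renewal-due  window is open and the machine has been online inside it,
                 so autoenrollment has had a chance to run
    at-risk      window is open but the machine has not been online since it
                 opened; it must reach the CA before NotAfter
    expired      certificate is past NotAfter; 802.1X authentication fails
    """
    window_opens = not_after - renewal_period
    if today > not_after:
        return "expired"
    if today < window_opens:
        return "valid"
    if last_seen >= window_opens:
        return "renewal-due"
    return "at-risk"


def report(inventory, today):
    """Map each hostname to its state on the given day."""
    return {host: classify(na, ls, today) for host, na, ls in inventory}


if __name__ == "__main__":
    for host, state in report(INVENTORY, date(2025, 6, 10)).items():
        print(f"{host}: {state}")
```

Machines reported as at-risk or expired are the ones to bring onto a network that can reach the CA before they are next used.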

Similar Messages

  • 802.1x on wired LAN with ACS 4.2

    Hi all,
    I am trying to get 802.1x fully working in our LAN. I got it working in a lab test for all the PCs, but we are using IP phones which are not Cisco and do not support 802.1x authentication. I wanted to use MAC bypass for these phones; however, it seems the 2950T with EI image does not have mab and pae commands under the interface command! I did upgrade the IOS from c2950-i6q4l2-mz.121-22.EA6.bin to c2950-i6q4l2-mz.121-22.EA12.bin with no luck!
    And I want to deny access to the switch port behind these phones as I already have two cable drops for each office and cubicle. The only way that I can block these ports is to use port-security and hardcode the MAC of each phone and set the mac-max=1. To reduce IT intervention, I don't want to go down this road. Is there a way to accomplish that?
    Thanks,
    ---Jean Paul


  • Unable to see Shared Folder / Drop Box on wired LAN

    I am unable to connect to another Mac on my wired LAN (Netgear wndr3700), and it is unable to connect to my machine. We cannot see each others’ Public Folder / Drop Box.
    We can see each others Macs in the Shared section of the Finder’s sidebar, but trying to connect fails: “The server … may not exist or it is unavailable at this time…”
    Both are running 10.6.4 Snow Leopard SL. No Windows machines on the LAN - so this should be AFP only.
    We can see and connect to another Mac running 10.4.11 Tiger with no problem. BUT it is unable to connect to either 10.6.4 machine.
    Firewall on both machines: On; File Sharing (AFP) set to “Allow incoming connections”; Stealth mode Enabled (toggling doesn’t change); “Automatically allow signed software to receive incoming connections” is Off; “Block all incoming connections” is Off. Some other apps and services are set to Block… (krb5kdc, numbed, smbd…) AppleFileServer is set to Allow.
    Sharing: File Sharing Service only is On:
    Hard Drive - Everyone - Read & Write
    Users - Everyone - Read Only
    ~ (My Home Directory) - Everyone - Read Only
    Public - Everyone - Read & Write
    Drop Box - Everyone - Write only
    Thanks for any suggestions.

    It isn't directly related to the firewall. I'm having the same problem between two up-to-date machines, and to be sure, I have disabled the firewall on both. However, if I connect using the Connect to Server dialogue, I get through just fine. I believe it could be a DNS resolution problem.
    strike that.
    Just tested, check in advanced network settings, and if you have any wins servers listed, remove them.
    krb5kdc needs to be allowed to accept connections, for me it popped up in little snitch when it was authenticating.

  • How can I get my wired LAN to share my iMac's wireless internet connection

    Hi. (sorry for the long-winded posting below. I really struggled to explain what I'm trying to do, but would really appreciate any help from people who can recognise what I'm aiming for!)
    I've seen several postings about sharing internet connection, but none (I think) which sort my problem.
    I have a wired LAN with 3 Macs connected to a router, and the router to a cable modem and the internet. All working fine. All Macs have internet access.
    I'm considering ditching my broadband provider, and so looking for a replacement configuration, at least for the short term.
    So, I'd like to change the arrangement, connecting one of the Macs to the internet (through a local free WIFI hotspot) using its AirPort card (that bit is done) and enable the other two Macs to share that connection via the router.
    I've turned internet sharing on, and share connection from Built-In ethernet, on the internet connected Mac. But whatever
    Has anyone got this setup working?
    PB
    Intel iMac 4,1 (early 2006)   Mac OS X (10.4.8)   1Gb SDRAM, 2GHz

    You can share a connection through the router or you can share a connection from the Mac via Internet Sharing, but you can't share an already shared connection.

  • Wired-LAN B&W G3 no longer "seen" by Airport network

    For the past 5+ years I've had my old B&W G3 connected to my Airport Extreme via its wired LAN port. It was always accessible  from my G5 and just worked flawlessly. Last winter my G5 died & I was forced to use the G3 & therefore had to disconnect it from the AE and use it directly.
    Well, now I can't get my G5 to "see" the G3 via AE anymore. I hooked up everything as it was before but can't seem to get the network to "see" the G3. As I said it's been 5+ years since I did this initially so if anyone can think of something I missed I would surely appreciate the insight.
    FWIW as best as I recall, I initially just connected the B&W G3 to the AE's Ethernet LAN port, went to the Finder and selected Network & the G3 showed up. After typing my password I was able to access the G3. I remember thinking at the time "wow, that was easy!"
    This is not an internet connection related problem.
    Any help would be greatly appreciated.
    Thanks
    Tim

    Hello Tesserax
    That did it.
    Thanks
    Tim

  • Wired LAN on iPhone

    Hey guys,
    I was trying to use office internet on my laptop to access net on iPhone. I have a wired LAN.
    Any clues on how to do it if at all its possible???

    Anirudh Hingle wrote:
    I have already followed his blog but i think he is explaining the process if one has a data cord or something...
    The iPhone cannot connect to the Internet through its cable; the only way to do it is via Wi-Fi through your laptop. This is the process that he was explaining.
    I'm not sure whether it will work for wired LAN
    While your network at work is wired and thus off-limits to the iPhone (due to connection limitations), you can use your laptop to create a wireless access point, thus giving the iPhone a way in.
    The process described in the link is the only setup possible with your current hardware to be able to do this.
    If you are having trouble setting this up my recommendation would be to just invest in a Wi-Fi router (or get your work to), you can get them for very little cost and they will save you from having to play around with network settings and quite possibly compromising your work's network security.
    You could get anything from a USB dongle style to an AirPort Express or even An AirPort Extreme base Station (just to name Apple's products that will work with this)
    This would greatly simplify your task for you
    Otherwise, if you still want to use the hardware you have available to you, I would recommend hopping onto Microsoft's discussion forum and asking about creating a wireless access point with your laptop, as they would be better suited to answer those questions since they are Microsoft related. That link unfortunately is the best laid out and most informative one I know of without me writing one up myself.
    I feel that what you are really trying to achieve is a mixed network topology system in a multiple star network layout (which is similar to what I run at home, but mine's more of a mesh architecture).
    With wired and Wi-Fi options both integrated, the best way to achieve this is with a Wi-Fi router
    (wish you could draw diagrams for usage on here would make life a lot easier )
    Message was edited by: r.cloud

  • [Solved] Failed to connect internet by Wired LAN, but wifi is working.

    After installation of gnome in archlinux, I enabled NetworkManager.service. I can successfully connect to wireless network. But I can't connect to internet through wired LAN. It shows wired connection established in NetworkManager. But no internet connection is accessible. I found that when connected to wired network, running "dhcpcd" in terminal shows messages like "dhcpcd[13584]: enp19s0: reject NAK via 192.168.1.1" and finally timed out.
    Can anyone give any suggestion ?
    Last edited by rasr11 (2015-04-12 01:50:44)

    It seems like a problem in DHCP. You could try setting a static route in NetworkManager; just copy the route of your wifi connection. TheSaint was asking for the output of the shell commands posted by him to diagnose the network problem.
    Last edited by hydrosIII (2014-11-06 06:11:09)

  • 802.1X for wired environments using Radius/ACS for Dynamic Vlan Assignment

    Could someone please provide me with the simplest set of configuration steps to fire up Radius in ACS and 802.1X for dynamic VLAN assignment? The objective is to roll out NAC L2 OOB using the 802.1X method for dynamic VLAN assignments.
    If possible show:
    1. ACS/Radius Configurations.
    2. End User Switch Configurations
    Variables:
    Switch A
    MAC Address aaaa.bbbb.cccc     Vlan 10
                bbbb.cccc.dddd     Vlan 20
    Also, if someone posts the Pros and Cons of using Radius/ACS/802.1X for Dynamic Vlan Assignments.
    Other technology sets that can be used for Dynamic Vlan assignment EXCEPT from deprecated/obsolete VMPS.
    Thanks in advance. .

    Hi Guys,
    Hmmm, well if you're just looking for MAC-based authentication, the good news is that it is very easy. Just create your Radius server: ACS, FreeRadius, Steel-Belted Radius, etc. Then create a user with the name of the MAC address; in other words, if the MAC address is 0012.0021.1122 then the name would be 001200211122 and the password would be the MAC address. Then you set the VLAN and tunnel stuff, like so: Tunnel-Type would be VLAN, Tunnel-Medium would be 802 and Tunnel-Private-Group-ID is the name of the VLAN (not the VLAN number).
    So for the Cisco ACS 4.x you would create a user as specified above and fill in all the password boxes with the MAC address. I believe the MAC has to be all lower case in the name and the password. Then check the Separate (Chap/MS-Chap/ARAP) box. Then you pick the group the machine belongs to; the group is the part that defines what VLAN it is on.
       Before you create the user, create the group with info I wrote above and in addition specify the Service-Type as Authenticate Only.
        Freeradius is a bit harder to configure the specifics and I am just now testing a freeradius server so I do not know the process for Machine authentication.
        If, however, you are trying to authenticate a user that gets a bit trickier and is not so straight forward.
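
The naming and attribute scheme described in the reply above, as an added example that is not part of the original post: it normalizes MAC addresses to the 12-digit lowercase user name and builds the three tunnel attributes for each device. The VLAN names and helper names are assumptions; the MAC addresses are the placeholders from the question, and the attribute value names are those of RFC 2868.

```python
import re

# Assumption: VLAN names as configured on the switch. The reply above says
# Tunnel-Private-Group-ID carries the VLAN name, not the number.
MAC_TO_VLAN_NAME = {
    "aaaa.bbbb.cccc": "VLAN0010",
    "bbbb.cccc.dddd": "VLAN0020",
}


def normalize_mac(mac):
    """Strip '.', ':' and '-' separators; return 12 lowercase hex digits."""
    digits = re.sub(r"[.:\-]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def mab_user(mac, vlan_name):
    """Build the user record and RADIUS reply attributes for one device."""
    name = normalize_mac(mac)
    return {
        "username": name,   # MAC without separators, lowercase
        "password": name,   # same value, as described in the reply
        "reply": {
            "Tunnel-Type": "VLAN",
            "Tunnel-Medium-Type": "IEEE-802",
            "Tunnel-Private-Group-ID": vlan_name,
        },
    }


def build_users(table):
    """Build all records; reject the same device listed in two notations."""
    users = {}
    for mac, vlan_name in table.items():
        record = mab_user(mac, vlan_name)
        if record["username"] in users:
            raise ValueError(f"duplicate MAC address: {mac!r}")
        users[record["username"]] = record
    return users


if __name__ == "__main__":
    for name, record in build_users(MAC_TO_VLAN_NAME).items():
        print(name, record["reply"])
```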

  • ConfigFree Autoswitch wireless to wired lan

    I use laptop on office wired Lan then at home on wireless lan. I have set auto network switch to switch networks. Then I have set auto profile switch using SSIS and saved a home wireless LAN profile that changes proxy and printer.
    It all works when I go from office to home. However I cannot find any way to get the profile to switch back to office settings when I return to the office and it auto switches to wired LAN. I can save an Office LAN profile but as it is not wireless and does not have a SSID it will not switch back automatically.
    Any way to do this?
    Rob

    Hi
    > but as it is not wireless and does not have a SSID it will not switch back automatically.
    I think this is the point;
    In my opinion the Configsys doesn't switch to the LAN because of the missing LAN identification (SSID)
    Here you can find nice description how to configure the Auto Switch by SSID
    http://209.167.114.38/support/techsupport/troubleshooting/Configfree/index.htm
    I think without the SSID you will not be able to get this function working.

  • Can't detect or print to C8189A All-in-One-Printer on a wired LAN

    Computers on my home wired LAN repeatedly but intermittently stop being able to print to the HP C8189A printer attached via wired LAN connection.  I began trouble shooting last night and uninstalled all HP software to start afresh.
    I cannot print to my HP C8189A all-in-one printer connected to a wired network from my desktop PC running Windows XP with SP3.  I can see the printer has pulled an IP from the router by looking at the router's attached client list.  I can ping the printer at its assigned LAN IP address.
    My desktop PC and the C8189A printer share a common DLINK Gigabit Switch which connects the wired LAN to the DLINK router.
    I uninstalled and reinstalled all HP software but during the HP Solutions Center software reinstall it could not find the PRINTER on the lan, even when inserting the Printer's assigned IP address.
    When checking the network configuration from the printer, it confirms that it has the correct IP address, but the HP software still cannot detect it.  I have pulled the power connector from the back of the power a couple times to RESET the printer.  This usually corrects what is now a terribly frustrating problem accessing the printer.
    Additional factoids: 1) other PCs can print to this printer, 2) SPYBOT Search & Destroy is running on my PC and popped some registry change windows during the install.
    I'm running out of ideas - any suggestions please?
    Message Edited by VARocketry on 01-09-2009 11:54 AM

    Hmmm ... this is interesting.  In review:
    You can print intermittently from your XP SP3 box to the OJP L7680.
    Disabling the SW firewall (Norton/Symantec, Zonealarm, McAfee, etc) on the SP3 PC doesn't help.
    Other computers on your network have no problems printing to the OJP L7680.
    You are running a wired (Ethernet) network.
    Did I get this right?  I'd like to ask a few more questions:
    What are the other types of computers on your network and what firewall do they run?
    The next time your XP SP3 computer has trouble printing to the OJP L7680, try to access the printer's internal web page.
    What are the IP addresses of the other devices on your network?  By chance, is there a duplicate address on your network?
    Finally, you can try adding the print driver manually to see if we can get you printing.  This is the sequence for XP: 
    Click "Start" button --> Printers and Faxes.
    Under Printer Tasks, click "Add Printer".
    Click "Next" button on the first Add Printer Wizard window.
    If the option for Local or Network printer appears, select "Local printer attached to this computer" and deselect  the "Automatically detect and install My Plug and play  printer" option.  Click "Next".
    Under Select a Printer Port option, select "Create a new port" and select "Standard TCP/IP Port"  and click "Next" button.
    In the "Welcome to the Add Standard TCP/IP printer port wizard" make sure that the printer is  turned on and configured. Click "Next" button.
    Under "Add Standard TCP/IP Printer Port" enter the printer's host name  (that is the hostname of printer that printed in network configuration page)
    under "Additional Port Information" select "Standard". Click Next, and then click Finish.
    Now, select HP from the list of manufacturers, select your printer from  the list of Printer models  and click 'Next' button.
    The Printer name will be highlighted on the next window.
    Click "Next" button.
    It asks for the Printer name -- leave it as is.
    Select "Yes" option for making the printer default.
    Click "Next" button.
    The Printer Sharing dialog box will open.
    Click "Next" button.
    The Print Test Page box appears.
    Select "Yes" option to print a test page.
    Print Test Page.
    Completing the Add Printer Wizard box appears.
    Click "Finish" button and wait for the files to copy 
    This should work to get you a print queue for your XP box.
    Regards / Jim B
    Regards / Jim B / Wireless Enthusiasts
    ( While I'm an embedded wireless systems engineer at work, on this forum I do not represent my former employer, Hewlett-Packard, or my current employer, Microsoft )

  • Scanning on a wired LAN

    How feasible is it to use a USB scanner connected to one of the Mac Minis on a wired LAN? I remember seeing that it was possible in 10.4, but haven't seen anything in Leopard yet. Thanks in advance for all your assistance!

    I read here (http://www.jumper.it/Leopard/Funzionalitaperfotografi.html , point 4) that it's possible but I'm not able to find how. I'm looking for it.
    Anyone can reply?

  • No "Wake for network access" over wired LAN

    Hello,
    I could not get “Wake for network access” to work over wired LAN connection. If I have WiFi enabled as well, or WiFi is the only network interface enabled the “Wake for network access” works fine. However, my Mac Pro is not responding to when I am trying to reach it remotely if only the wired Lan connection is used.
    Mac Pro 6-Core 3.33GHz 24GB RAM, latest updates, Snow Leopard, “Wake for network access” enabled in Energy Saver settings.
    It seems to me that it was working some time ago.
    Can anyone suggest me places to look to, settings to check, commands to run ..... to get it working?

    Thank you Grant Bennet-Alder for responding. I will try to describe it as step-by-step as possible.
    - I have back to my mac enabled with screen and file sharing on my Mac Pro
    - By default I use wired NIC to connect my MP to network with manual configuration. (I have tried enable DHCP for that interface, however, the result was the same)
    If I need to reach files on my Mac Pro (while I am away from it) from my Macbook Pro, I open finder on my MBP where I see my Mac Pro. I click on it if I need to access files or use "Share screen..." button if I want to access MP screen. I have the same result if I try to enter vnc://xxx or afp://xxx
    my MBP tries to reach MP and brings the message after some time: Connection failed to "xxxxx" Please make sure the screen sharing is enabled....."
    I have no problems remotely accessing my MP if:
         - it is not sleeping (i.e. I ask someone at home to touch its keyboard to wake it up)
         - I have AirPort turned on on my Mac Pro
    I could not access my Mac Pro if:
         - it is sleeping and AirPort is off (the only wired NIC is used to connect to LAN)
    It does not matter am I trying to get screen/file sharing on local network or via internet - the result is the same - if the only wired connection to network is used and MP sleeps - no access.

  • Is it possible to print from my iPad to a Airprint-enabled printer in a wired LAN.

    Is it possible to print from my iPad to an AirPrint-enabled printer in a wired LAN? My iPad is connected via WiFi to that LAN. The WiFi connection of the printer isn't used.

    My Canon MX715 printer is wired connected to the router. My iPad is via WiFi connected to the router.
    The printer could be connected via WiFi but I prefer the wired connection. So the printer is part of the LAN to which I get access with my iPad via a WiFi connection. A network scanner shows them all  connected into the LAN.
    My Windows Laptop also connected via WiFi to the same LAN finds the printer and works well every time.
    The iPad has troubles to find the printer.
    After a couple of hours of trial and error I found an app from Canon, Easy PhotoPrint. After I installed the app I found my printer and could print. It worked for the apps on my iPad that have the print feature. After a while I discovered that the different apps on my iPad don't find the printer immediately every time when needed. After multiple trials it works again.
    So the big question that remains: Why doesn't it always work? Do I have to initialize something after start up or wake up the print access to the LAN?

  • Wired LAN for Laserjet P1100 printer?

    I have a Laserjet Pro P1100 printer that was connected to my iMac desktop via USB. We've moved and our new house has wired LAN outlets which I'd prefer to use rather than USB or wireless connections. Is there a way to adapt a standard RJ45 ethernet cable to the USB port on my printer?

    Hey @drmac1 ,
    Thanks a lot for the question, now let's get you an answer!
    Unfortunately that is not possible.
    Sorry for the inconvenience. Have a great day!
    I worked for HP.

  • Wired LAN for Canon MP620

    I have had mixed success once I upgraded my MacBook Pro 17CoreDuo to Snow Leopard with my Canon MP620 in my office. In Leopard, it was set up as a wired LAN, with a cable running from my Airport Extreme Base Station to my printer. Scanning was nice and speedy.
    All I can seem to do now is get it set up wirelessly, and the scanning is way too slow.
    What is the proper way to set up a wired LAN with Airport Extreme?
    I have gone so far as to get the printer on the same IP settings as my Mac.
    Mac IP is 192.168.1.55 Printer IP is 192.168.1.70
    Mac Subnet Mask is 255.255.255.0 Printer Subnet Mask is the same
    Mac Router setting is 192.168.1.1 Printer Router Setting is the same
    On the Printer, it is set to Wired LAN, and the wired LAN settings are all reading correctly.
    I can print as long as I keep the USB connected to the printer. As soon as I try to remove it, it shows up as "offline".

    When you have the printer connected via wired or wireless, you will have to add another print queue. The USB queue is purely for connecting from the Mac to the printer via USB, so this is why it will show offline when the USB is disconnected.
    To add the network printer on 10.6, you don't use More Printer > Canon IJ Printer menu like you did with 10.5. Instead, you need to select the Default browser view and wait. The printer will eventually appear in the Default view with the Kind column showing 'canonijnetwork'. Note that you will probably see the scanner appear very quickly, because it uses a different protocol to advertise itself on the network.
    Note that the printer will only advertise itself on the network if the v10.26 driver is installed. The version 10.19 driver included with 10.6 does not work across the network. If you open the Options & Supplies button for the USB printer queue, it will show which version you are using under the General tab.
    Note also, if you have the Parallels VM application installed, this can stop the network printer from appearing in the Default browser view.
    HTH
    Pahu
