Network Access - Windows 2008 Technologies
we looking see if can accomplish following windows 2008 nap or nps technologies, hoping right forum.
we looking technology based on username/password (possibly two-form authentication method) based on information put end user vlan or particular network. possible ? if technology need @ make happen.
we looking technology based on username/password (possibly two-form authentication method) based on information put end user vlan or particular network. possible ? if technology need @ make happen.
hi,
since want control vlans based on authentication, think need use radius tunnel attributes. can accomplished with 802.1x authentication , nps switch supports vlan assignment radius tunnel attributes. mid-level , better switches support this.
a radius server 2 kinds of username/password checking. authenticate , authorize. authentication occurs first and determines *who* requesting network access. example, if user entered wrong password fail authentication. on nps, authentication rules called connection request policies.
authorization next and determines access level of user or computer. if computer or user in active directory group (or perhaps group created on switch itself) allowed access vlan 3, port assigned vlan 3. on nps, authorization rules called network policies.
nap checking occurs @ authorization level , not concerned username/password. concerned the health (configuration or update) status of client computer. can use authentication , authorization of username/password nap combine identity , health.
802.1x authentication works both wired access (switches) , wireless access (wireless access points).
-greg
since want control vlans based on authentication, think need use radius tunnel attributes. can accomplished with 802.1x authentication , nps switch supports vlan assignment radius tunnel attributes. mid-level , better switches support this.
a radius server 2 kinds of username/password checking. authenticate , authorize. authentication occurs first and determines *who* requesting network access. example, if user entered wrong password fail authentication. on nps, authentication rules called connection request policies.
authorization next and determines access level of user or computer. if computer or user in active directory group (or perhaps group created on switch itself) allowed access vlan 3, port assigned vlan 3. on nps, authorization rules called network policies.
nap checking occurs @ authorization level , not concerned username/password. concerned the health (configuration or update) status of client computer. can use authentication , authorization of username/password nap combine identity , health.
802.1x authentication works both wired access (switches) , wireless access (wireless access points).
-greg
Windows Server > Network Access Protection
Comments
Post a Comment