Help

802.1x Login Window and System payloads

luke_gorham
New Contributor II

Posted on ‎11-16-2017 07:00 PM

Hey Guys,

Wondering if anyone can shed some light on the login window and system level network payloads in config profiles.

My workplace is looking at introducing 802.1x to our wired LAN. They are aiming at having machines be authed pre-login via machine creds. Then when a user is logged in have the user authentication being used on the network interface.

Im having trouble thinking how this would work, as both 802.1x payloads would both be applying to the same ethernet interface? Is this kind of thing possible? Id imagine there would be some scripting involved to switch to a user based 802.1x profile for the interface if its already using a machine based 802.1x profile pre login.

Labels:
0 Kudos
1 REPLY 1

Phantom5
Contributor II

Posted on ‎11-17-2017 05:43 AM

Luke,

This link from Apple could give you a hint on what you are trying to do.

802.1x is generally a two stage process. First you pre-authenticate with you network device to get access to the network, then second stage is where you authenticate to get access to your network.

We use a profile at the computer level that establishes a trust between the computer and the radius server, then there's a user profile that allows the user to use his/her credentials to authenticate to the network.

0 Kudos