Home
Certification Preparation
Cisco
CCNA & CCENT
Dot 1 X
Lee H
Hi
For Uber security reasons we have certain ports at the switch enabled with Dot 1 X, this means that when the PC is re-imaged and its off the domain it doesn't even have sight of a DHCP scope so gets a 169.. so task then is to take the PC to a different port that has NO Dot 1 X applied - join domain and allow it to download Dot 1 X GP,
Question..
Does anyone else out there in the big world apply Dot 1 X to their switch port and how are you then re-imaging said PC in situ
Any info would be much appreciated
Cheers
Find more posts tagged with
Comments
albinorhino187
I don't have config specifics, but I believe you can have a default VLAN that the port enters if dot1x authentication fails. If that VLAN had access to join the domain, then you're good to go.
Or, you do your imaging/domain joining on a switch that's more physically secure than the rest of your ports so you can be safer in not putting dot1x on those.
pujan96
Hey Mate,
What you would want to do is set up a vlan for imaging PCs, and have the same vlan configured on dot1x as the vlan that switchports go to when dot1x fails, that way, say you go onto the onboard nic to image a PC, dot1x would fail, and the switchport would be put onto the vlan that has access to the imaging server.
Hope that helps
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
