network access


hello
On a school network we have some fixed PC's and wireless clients
windows XP and Vista
the fixed PC's can have both pupils, teachers or guests login to
them
the wireless are laptops and usually dont change user.
I want to assign 3 vlans students, teachers and guests
i need to have network access control depending on mac address and/or
who logs onto the fixed windows PC's, and be able to assgin the port
to the correct vlan
when the user logs of it should clear the port vlan so as to stop
anyone changing the PC and getting around the access controll
will 802.1X do this for me or does anyone have any other suggestions
network hardware is about to change to all cisco
many thanks
Reply to
Supersleuth
Loading thread data ...
..
It depends on your client machines and their 802.1x supplicants.
I have the most experience with Mac OSX doing 802.1x, and you can setup 802.1x network profiles at at user level vs. a system level, when you set up the configuration, you choose at what level the 802.1x connection credentials are presented and for which user logins/etc, allowing you to have such-and-such user logging in to present such-and-such 802.1x credentials upstream for network access.
I don't know how windows handles per-user 802.1x supplicant user credentials.
I assume there is a way to configure windows simularly with per-user 802.1x supplicant credentials.
Reply to
Doug McIntyre
thanks iw as also looking at cisco NAC, but with a school the budget is very limited, but they do require very tight control of the network
my thoughtrs are to go with 802.1x unless anyone can suggest a better method.
i was hoping for peoples views and comments as to the right direction to take
Reply to
Supersleuth

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.