?
Solved

ShoreTel phones with Dot1x and Juniper switches

Posted on 2014-03-03
4
Medium Priority
?
519 Views
Last Modified: 2014-03-17
We are deploying dot1x with EAP-TLS throughout our network.  Unfortunately, we have a mix of Shoretel phones in front of all of our workstations.  What is the best way to get by this?

- create the MAC bypass users for each phone in Active directory?
- is there a supplicant to configure on the phone?

BTW we are connecting upstream to Juniper EX3300 switches.

Thanks,
0
Comment
Question by:L8C
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 17

Expert Comment

by:pergr
ID: 39903691
0
 

Author Comment

by:L8C
ID: 39907092
The issues I have with that are:

- The Backend RADIUS server - the only way I found to do MAB dot1x authentication is to create a separate user account for each phone.  Is there a wildcard option for MAB auth?

- Single supplicant isn't secure enough for us.

Thanks.
0
 

Accepted Solution

by:
L8C earned 0 total points
ID: 39924364
We just created a static mac filter list with a /24 wildcard for the OUI.  Thank you.
0
 

Author Closing Comment

by:L8C
ID: 39933747
Only one expert commented and it wasn't the right option.  I ended up finding my own solution.
0

Featured Post

The Ideal Solution for Multi-Display Applications

Check out ATEN’s VS1912 12-Port DP Video Wall Media Player at InfoComm 2017. Kerri describes how easy it is to design creative video walls in asymmetric layouts and schedule detailed playlists ahead of time with its advanced scheduling feature.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question