Solved

ShoreTel phones with Dot1x and Juniper switches

Posted on 2014-03-03
4
487 Views
Last Modified: 2014-03-17
We are deploying dot1x with EAP-TLS throughout our network.  Unfortunately, we have a mix of Shoretel phones in front of all of our workstations.  What is the best way to get by this?

- create the MAC bypass users for each phone in Active directory?
- is there a supplicant to configure on the phone?

BTW we are connecting upstream to Juniper EX3300 switches.

Thanks,
0
Comment
Question by:L8C
  • 3
4 Comments
 
LVL 17

Expert Comment

by:pergr
ID: 39903691
0
 

Author Comment

by:L8C
ID: 39907092
The issues I have with that are:

- The Backend RADIUS server - the only way I found to do MAB dot1x authentication is to create a separate user account for each phone.  Is there a wildcard option for MAB auth?

- Single supplicant isn't secure enough for us.

Thanks.
0
 

Accepted Solution

by:
L8C earned 0 total points
ID: 39924364
We just created a static mac filter list with a /24 wildcard for the OUI.  Thank you.
0
 

Author Closing Comment

by:L8C
ID: 39933747
Only one expert commented and it wasn't the right option.  I ended up finding my own solution.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
CPU at 100% usage, why? 27 133
Blocking content using category or ID in McAfee WebGateway 2 34
md5 password 3 62
I wonder how people fake their ip address? 3 39
Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
Each year, investment in cloud platforms grows more than 20% (https://www.immun.io/hubfs/Immunio_2016/Content/Marketing/Cloud-Security-Report-2016.pdf?submissionGuid=a8d80a00-6fee-4b85-81db-a4e28f681762) as an increasing number of companies begin to…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question