802.1X implementation problems!

[ETBOY]

Hi,

I have implemented 802.1x in a cat3750 and my radius server is ACS.

I want to use wake on LAN to distribute software but with 802.1x applied WOL didn't work.

Does any one knows if it is possible and how to configure?

Thanks

 

[BuckWeet]

If i remember correctly you can have it go to a default vlan if the authenticaiton doesn't work...

 

[ETBOY]

Hi,

In dot1x i have a guest vlan, but when PC is shutdown switch port is unauthorized state, the only traffic that goes trough port is 802.1x,and port isn't in guest vlan so it don't solve my problem.

 

[BuckWeet]

Well other than that, you're SOL, because you need an 802.1x aware OS that will participate in the authorization..

that is where i was thinking of teh guest vlan feature..


BuckWeet

 

[Parcival21]

Hi there,
In my understanding of .1x the port is as you say in unauthorized state as long as noone in authorized on the port.
SO the packets that are sent to the port over LAN to wake the client will possibly not reach their aim...
The following could possibly work but I've never tried it and its only thinking.
WOL cards listen to the network traffic and search for packets with their MAC as destination address. If a packet has their destination address they will search for a special series of bits in the packet body.
To pass the 802.1x port the packet has to be an EAP/EAPOL packet. So you have to modify the packets that are sent to you WOL client. They have to be EAP packets with the bits needed for the wakening in their body.
If this sounds possible for you and you will try it, please let me know if this is possible to implement.

 

[ETBOY]

Hi Parcival,

Your ideia is good, but it's possible for me to try this. Cisco supports WOL in Cat 6000 with CAT OS 6.8 may be in near future they will support in IOS.

BR