Hi,
Thank you Fabrice and Ludovic Zammit (and thanks for the cc, as I did
not receive your reply via the list...) for your excellent suggestions!
I will take a look first at Ludovic Zammit suggestion, as you are right:
it's the "unknown CA" issue.
The question (for me) is: how to "issue a certificate from a MS PKI for
example (AD CS)"
New stuff to me. We're running a samba AD.
If anyone has documented how to do that, I would appreciate some help.
But for now I'll give good ol' google a go. :-)
Thanks again!
MJ
On 11/10/20 2:47 AM, Durand fabrice via PacketFence-users wrote:
Hello mj,
if the devices are joined to the domain then you can probably play with
the GPO.
You can have a configuration on the switch port with 802.1x/mab, so when
the device lost the supplicant configuration then it will go in the
registration vlan.
And on the PacketFence side you can enable the domain passthrough (to
allow the device to reach the AD from the reg vlan) then the device will
update it GPO and reconfigure the supplicant.
Regards
Fabrice
Le 20-11-09 à 10 h 45, mj via PacketFence-users a écrit :
Hi,
We are using packetfence with 802.1x authentication on our wired
network. This works nicely.
However, what we have now repeatedly seen, is that after (bigger)
windows updates, the windows 10 clients 802.1x authentication
configurations are reset back to the default -> no network for the
windows client.
I know this is not packetfence's fault, but talking to microsoft is
difficult. :-)
So, Anyone else here using wired 802.1x, and seeing this same
behaviour..?
Anyone with a clue on how to STOP this from happening?
As the workstations then have NO connectivity, the only solution is to
walk to them, and re-configure the settings. (or turn off
authentication on the switch)
Curious to your experiences.
MJ
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
