On Saturday 01 March 2008, Sanga M. Collins wrote: > Does anyone have any insight into using 802.1x extensible > authentication as a form of MAC address filtering. I > would like to find a way to restrict MAC address on our > VPN network without having to manually assign IP > addresses to MAC id's in 37 separate locations with on > average 15 workstations per location, 2 servers, 1 > biometric reader and about 5 printer per location as > well.
Well, there are several ways you can implement network resource protection at Layer 2, e.g., physical security, corporate policy, switch port security, VLAN's, e.t.c. But 802.1x port authentication would be a way to scale port security and control access to the network. This is not specific to Juniper, as 802.1x is an IEEE standard protocol. Are you using Juniper for your Layer 2 switching? Is this a local LAN seated behind each VPN, or is this a VPN based on VPLS/EoMPLS p2mp PW's? Mark.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ LUG mailing list [email protected] http://kym.net/mailman/listinfo/lug %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The List's Host is not responsible for them in any way. ---------------------------------------
