Wednesday, 18 July 2012

802.1X Remote desktop (RDP) user authentication

When you connect through Remote Desktop (RDP) to machines attached to 802.1X-enabled switch ports (for example, in Cisco ISE installations), you can run into connectivity problems, session failures and disconnections. Most of these issues come from the fact that native 802.1X supplicants don't authenticate and authorize users who connect through RDP. The access lists on the port are left as they would be for a machine with no user logged on. In most cases these ACLs allow only the traffic needed to log a user on to the domain and similar, and Remote Desktop traffic is not allowed by them. We resolved this issue by using Cisco AnyConnect Secure Mobility Client with the Network Access Manager (NAM) module, which behaves better and eliminates the problem by authenticating and authorizing the user who connects through RDP and granting all the rights and expected ACLs.

2 comments:

  1. I am suffering from no credentials being passed from RDP to the 802.1x native Windows supplicant, and because of that users lose connectivity with the workstation after closing the RDP session.

    Is there a way to make it work with RDP and Windows native supplicant? Or should I take another way?

  2. I think I found a solution... http://thnetii.blogspot.no/2013/08/windows-remotedesktop-and-8021x.html
