Wednesday, 18 July 2012
802.1X Remote desktop (RDP) user authentication
When connecting through remote desktop (RDP) to machines that are connected to 802.1X-enabled switch ports (for example in Cisco ISE installations), connectivity issues, session failures and disconnections can occur.
Most of these issues stem from the fact that native 802.1X supplicants don't authenticate and authorize users who connect through RDP. The access lists on the port are left as they are for a machine with no user logged on. In most cases these ACLs allow only the traffic needed to log a user on to the domain and similar, and remote desktop traffic is not allowed by them.
We resolved this issue by using the Cisco AnyConnect Secure Mobility Client with the Network Access Manager (NAM) module, which behaves better and eliminates the problem by authenticating and authorizing the user who connects through RDP and granting all rights and expected ACLs.
I am suffering the no credentials passing from RDP to the 802.1x native Windows supplicant and because of that users lose connectivity with the workstation after closing the RDP session.
Is there a way to make it work with RDP and Windows native supplicant? Or should I take another way?
I think I found a solution... http://thnetii.blogspot.no/2013/08/windows-remotedesktop-and-8021x.html