802.1x and Windows 2000 client

TheMSsForum.com: The Microsoft Software Forum

We try to implement 802.1x authentication on our network.
But specificity is, that not all computers are equipped
with SP3. And the plan is to make a quest(buffer)VLAN for
such computers. But the problem is that Windows 2000 once
entered to "quest" VLAN on Windows startup don’t want re-
authenticate with domain username and password after they
entered. Also if we initiate re-authenticate port from
switch, Windows 2000 802.1x don not release/renew
computers ip address after it move to new VLAN.

List of components:
1 WS - Windows 2000 with SP3 and 313664 802.1xhotfix
2 Cisco ACS 3.2 server
3 Windows NT 4.0 domain
4 Cisco Switch 6513 CatOS 7.6.2
Top

Re: 802.1x and Windows 2000 client by S

S
Wed Jul 23 04:33:55 CDT 2003

Your buffer VLAN feature sounds like overengineering to me.

--
Svyatoslav Pidgorny, MS MVP, MCSE
-= F1 is the key =-

"Victor Kochetkov" <Victor.Kochetkov@ru.ey.com> wrote in message
news:098b01c350f3$9dc982d0$a401280a@phx.gbl...
>
> We try to implement 802.1x authentication on our network.
> But specificity is, that not all computers are equipped
> with SP3. And the plan is to make a quest(buffer)VLAN for
> such computers. But the problem is that Windows 2000 once
> entered to "quest" VLAN on Windows startup don&#8217;t want re-
> authenticate with domain username and password after they
> entered. Also if we initiate re-authenticate port from
> switch, Windows 2000 802.1x don not release/renew
> computers ip address after it move to new VLAN.
>
> List of components:
> 1 WS - Windows 2000 with SP3 and 313664 802.1xhotfix
> 2 Cisco ACS 3.2 server
> 3 Windows NT 4.0 domain
> 4 Cisco Switch 6513 CatOS 7.6.2
>


Top

Re: 802.1x and Windows 2000 client by Victor

Victor
Wed Jul 23 05:57:52 CDT 2003


So but where is solution if I need that computers
without SP3 and 802.1x can work properly for temporary
period before we will install SP and client to them

>-----Original Message-----
>Your buffer VLAN feature sounds like overengineering to
me.
>
>--
>Svyatoslav Pidgorny, MS MVP, MCSE
>-= F1 is the key =-
>
>"Victor Kochetkov" <Victor.Kochetkov@ru.ey.com> wrote in
message
>news:098b01c350f3$9dc982d0$a401280a@phx.gbl...
>>
>> We try to implement 802.1x authentication on our
network.
>> But specificity is, that not all computers are equipped
>> with SP3. And the plan is to make a quest(buffer)VLAN
for
>> such computers. But the problem is that Windows 2000
once
>> entered to "quest" VLAN on Windows startup don&#8217;t want
re-
>> authenticate with domain username and password after
they
>> entered. Also if we initiate re-authenticate port from
>> switch, Windows 2000 802.1x don not release/renew
>> computers ip address after it move to new VLAN.
>>
>> List of components:
>> 1 WS - Windows 2000 with SP3 and 313664 802.1xhotfix
>> 2 Cisco ACS 3.2 server
>> 3 Windows NT 4.0 domain
>> 4 Cisco Switch 6513 CatOS 7.6.2
>>
>
>
>.
>
Top

Re: 802.1x and Windows 2000 client by S

S
Thu Jul 24 06:25:48 CDT 2003

Seek alternative connectivity to install SP3 and the 802.1x client i.e.
wired Ethernet, or use CD media. We are presumably talking about managed
clients with all appropriate support arrangements and staff, aren't we?
--
Svyatoslav Pidgorny, MS MVP, MCSE
-= F1 is the key =-

"Victor Kochetkov" <Victor.Kochetkov@ru.ey.com> wrote in message
news:09ce01c35109$43695d40$a601280a@phx.gbl...
>
> So but where is solution if I need that computers
> without SP3 and 802.1x can work properly for temporary
> period before we will install SP and client to them
>
> >-----Original Message-----
> >Your buffer VLAN feature sounds like overengineering to
> me.
> >
> >--
> >Svyatoslav Pidgorny, MS MVP, MCSE
> >-= F1 is the key =-
> >
> >"Victor Kochetkov" <Victor.Kochetkov@ru.ey.com> wrote in
> message
> >news:098b01c350f3$9dc982d0$a401280a@phx.gbl...
> >>
> >> We try to implement 802.1x authentication on our
> network.
> >> But specificity is, that not all computers are equipped
> >> with SP3. And the plan is to make a quest(buffer)VLAN
> for
> >> such computers. But the problem is that Windows 2000
> once
> >> entered to "quest" VLAN on Windows startup don&#8217;t want
> re-
> >> authenticate with domain username and password after
> they
> >> entered. Also if we initiate re-authenticate port from
> >> switch, Windows 2000 802.1x don not release/renew
> >> computers ip address after it move to new VLAN.
> >>
> >> List of components:
> >> 1 WS - Windows 2000 with SP3 and 313664 802.1xhotfix
> >> 2 Cisco ACS 3.2 server
> >> 3 Windows NT 4.0 domain
> >> 4 Cisco Switch 6513 CatOS 7.6.2
> >>
> >
> >
> >.
> >


Top