Subject: | |
From: | |
Reply To: | |
Date: | Thu, 12 Apr 2007 11:27:11 -0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Thanks to everyone with their insight and suggestions. We'll be eagerly
looking forward to that feature in an upcoming release, Nick C. ;-)
On 4/12/07 10:25 AM, "David Stempien" <[log in to unmask]>
wrote:
> Scenario:
>
>
>
> A user has a laptop which is plugged into a wired connection (non-CCA) and a
>
> wireless connection (CCA). Both interfaces are active.
>
>
>
> If the user has not-yet-authenticated with the Clean Access Agent, it will
>
> pop up and ask the user to do so. User does, but the agent either keeps
>
> popping back up to ask for credentials again and again, or it eventually
>
> times-out with an error 500. I assume the agent is discovering the Clean
>
> Access server on the wireless connection, but it is sending its traffic to
>
> the Clean Access server out of the preferred wired connection, thus causing
>
> this behavior.
>
>
>
> If the user was using wireless-only and had successfully logged into CCA,
>
> then later plugged into the wired connection, there's no harm done.
>
> Although I suspect when we later migrate the wired connection to CCA we will
>
> experience additional pains regarding interface confusion within the CCA
>
> agent.
>
>
>
>
>
> Question:
>
>
>
> Obviously, this is a user training issue (if you're using a wired network
>
> connection, shut off your wireless first). Until Microsoft fixes this
>
> behavior with their wireless network control or Cisco makes the agent
>
> interface-aware or we recommend a third-party wireless supplicant which can
>
> automagically shut down the wireless interface, I'm wondering if anyone else
>
> might have and idea for another technical solution for this problem?
>
>
>
>
>
> Thanks,
>
>
>
> --
>
> Dave Stempien, Network Security Engineer
>
> University of Rochester Medical Center
>
> Information Systems Division
>
> 585-784-2427
>
>
|
|
|