Network Access Control

 View Only

  • 1.  how can i force user login domain

    Posted Apr 12, 2009 10:28 PM
    hello
    i have a LanEnforcer appliance,use PEAP authentication mode.

    i want force users longin domain by LanEnforcer.i set "user authentication "condition as failed or unavailable,and other condition is ingore.when the user logon workgroup ,the port  not switch to specific Vlan.

    i check Enforcer log and display the enforcer had enforce the correct role.

    in the IAS log,it's warning "the authentication quest of the computername\workgroup user  had  gived up"

    please  help me how can i force user login domain by lanenforcer.

    Thanks

    --noble


  • 2.  RE: how can i force user login domain

    Posted Apr 14, 2009 06:49 PM
    Hi, Noble

      You can setup two actions on SEPM server, with conditions: 

      First action:
        Host Auth ignored, Policy Check ignored, and User Auth is PASSED, then put the port into normal VLAN.

      Second action:
       Host Auth ignored, Policy Check ignored, and User Auth is FAILED, then put the port into quarantine VLAN.

      Please make sure you have both VLAN setup correctly on the switch and select the correct switch model on SEPM.

    Thanks
    Craige 


  • 3.  RE: how can i force user login domain

    Posted Apr 20, 2009 05:43 AM
    Go to command promt & type gpupdate /force
    PRESS enter  for 4-5 times
    & then check