Ethernet Switching
Reply
Contributor
Valentijn
Posts: 18
Registered: ‎09-20-2008
0

802.1x and Wake on Lan

Has somebody a working solution for the following problem.

Our administrator uses Ghost with Wake on Lan for software deployment.

We use dynamic vlan assignment with machine authentication, so when a workstation has been powered off....it's placed in the 'default' vlan.

The network is a shared infrastructure with two other Media Companies.

So changes to the 'default' vlan are not allowed.

There is no RVI for which I can configure IP directed broadcast and only EAPOL traffic is allowed through the switchport when in pre 802.1 authenticated state.

 

 

best regards,

 

Valentijn

Contributor
TRK-NKA
Posts: 192
Registered: ‎06-17-2008
0

Re: 802.1x and Wake on Lan

I do not have a solution right now.

It is a very interesting question tho.

I am sure someone must have had this challenge before.

 


Best Regards

Tom Roholm
JNCIS-ENT, FWV, SEC, SA, WLAN
Distinguished Expert
mikep
Posts: 483
Registered: ‎06-30-2009
0

Re: 802.1x and Wake on Lan

Hi,

 

actually we support this feature:

When the switch uses IEEE 802.1x authentication with WoL, the switch forwards traffic to unauthorized
IEEE 802.1x ports, including magic packets.

 

Which software version are you using?

 

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.

 

Kind Regards

Michael Pergament

 


Contributor
Valentijn
Posts: 18
Registered: ‎09-20-2008
0

Re: 802.1x and Wake on Lan

Hi Michael,

 

We are using Junos 9.6R2 on our EX4200's (virtual chassis config)

Would that include support for magic packets in the default vlan with no RVI?

So the only thing needed is that the Symantec ghost server has an interface in the default vlan?

 

kind regards,

 

Valentijn

Contributor
Valentijn
Posts: 18
Registered: ‎09-20-2008
0

Re: 802.1x and Wake on Lan

Hi Michael,

 

Did you see my response to your question?

 

kind regards,

 

Valentijn

Contributor
Valentijn
Posts: 18
Registered: ‎09-20-2008
0

Re: 802.1x and Wake on Lan

Hi Michael,

 

Can you tell me where I can find this in the Junos documentation or other article/app note?

 

" actually we support this feature:

When the switch uses IEEE 802.1x authentication with WoL, the switch forwards traffic to unauthorized
IEEE 802.1x ports, including magic packets. "

 

kind regards,

 

Valentijn

New User
Mike-CHCH
Posts: 3
Registered: ‎04-03-2014
0

Re: 802.1x and Wake on Lan

[ Edited ]

Mikep, could you post instructions or a link to the documentation? Otherwise it's neither a solution nor worthy of Kudos!

Distinguished Expert
lyndidon
Posts: 1,261
Registered: ‎06-06-2011
0

Re: 802.1x and Wake on Lan

Seems like it was neither accepted nor received any judos. I did some googllng and it seems like the way to support it is to use targeted-broadcast configuration. Take a look at these and see it resolves your issue


http://www.juniper.net/techpubs/en_US/junos10.2/information-products/topic-collections/config-guide-...
Targeted broadcast helps you implement remote administration tasks such as backups and wake-on LAN (WOL) on a LAN interface, and supports virtual routing and forwarding (VRF) instances.
http://forums.juniper.net/t5/Ethernet-Switching/Directed-targeted-broadcast-on-EX-series/td-p/189655

[Click the "Star" for Kudos if you think I earned it!
If this solution worked for you please flag my post as an "Accepted Solution" so others can benefit..]
New User
Mike-CHCH
Posts: 3
Registered: ‎04-03-2014
0

Re: 802.1x and Wake on Lan

[ Edited ]

Thanks, I also Googled and I tried the targetting broadcast, but, it doesn't seem to work for me. My supplier also came back empty handed after consulting their Juniper Techs. 

 

It has been suggested that I could just use Intel AMT to get this working instead, although quite a few machines that I want to WoL are not Intel AMT compatible.

 

As an aside, I did a quick google for "Cisco WoL 802.1X" and was greeted with immediate technical results detailing how this is done on Cisco:

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_8021x/configuration/15-2mt/sec-ieee-wake-lan-sup...

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.