• 0 Posts
  • 4 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle

  • But thats the dongles mac address. They break. They get passed around and used in multiple devices. If i am trying to authenticate a third party laptop and they are moving from dock to dock then i cant use the unique hardware ID to identify that hardware. I can only see where to dongle is.

    In theory its all well and good saying the dongle will stay with the laptop or the mac isn’t a useful tool for authentication. But in practice in the wonderful wild world of IT. Its never that straightforward.

    Its crap for asset registers, its crap for authentication servers and its crap for finding devices on switches with mac address tables.

    I know there are other ways, but network ports aside, why am i buying a £60-£100 docking station to get all those ports back? I had them in my laptop. Now i have to spend more money to get them back and rely on a bit of cheap hardware that needs drivers, updates, and has breakable wires and ports to provide the functionality that was built in to my older devices.

    There are advantages, but they dont outweigh the disadvantages. They just make it cheaper to manufacture laptops.


  • But if i am authenticating a unique third party laptop i could use the mac address and apply a profile in clearpass to authenticate it and apply an ACL to lock the device down as a separate measure to creating a separate vlan for the device.

    I wouldn’t have called it useless in that regard. But im fairly new to network administration, so perhaps i am not well versed enough to know better.

    Our clearpass servers struggle sometimes, and i experience timeouts or rejections when a laptop moves from one usb c docking station to another if they fail dot1x and revert to mab.

    Also all of this aside, the fact that all the ports got removed from a laptop and now you have to plig in a £60-100 dock to get all those ports back is an absolute con.