802.1x support and scalability (1010 Views)
Reply
Occasional Visitor
matt_CCNP
Posts: 3
Registered: ‎04-27-2012
Message 1 of 6 (1,010 Views)

802.1x support and scalability

Hi,

 

Can anyone recommend a Thin Client device that supports 802.1x Wired LAN access using EAP-TLS with Active Directory and is scalable upto 3500 devices?

 

We currently have the T5565 and this device does not appear scalable as it's Linux based and has no AD integration. The problems I am trying to address are:-

 

1. Scalability, can each device have it's own user certificate and be easily be revoked/renewed individually? I'm concerned that we need to manually import the private key. - This key may not be exportable due to security concerns.

2. Managability, from what I have seen so far, linux shell scripts are required to add/revoke certs, is there a device that is more slick? Windows based for example?

3. As these 3500 thin clients may have a number of hotdesks, it's important that any user can use any thin client, so is this also possible?

4. We only need 802.1x to allow VLAN assignment, and maybe Downloadable ACL's to permit just Citrix, Web protocols etc. to any LAN port were the thin client is plugged in. Are there any gotcha's??

 

Any advice or help much appreciated.

 

Many Thanks,

 

Matt.

Please use plain text.
Occasional Visitor
matt_CCNP
Posts: 3
Registered: ‎04-27-2012
Message 2 of 6 (983 Views)

Re: 802.1x support and scalability

Hi,

I'm really surprised to not get any response to this. I guess 3500 thin clients wasn't enough!!

Bad times :-(
Please use plain text.
Occasional Visitor
matt_CCNP
Posts: 3
Registered: ‎04-27-2012
Message 3 of 6 (964 Views)

Re: 802.1x support and scalability

Looks like there may be a way using SCEP, although not with HP thin clients unfortunately.

 

Igel and Tadpole so far have support for SCEP with 802.1x EAP-TLS for wired access. I'm sure there will others too :-)

 

 

Please use plain text.
Occasional Advisor
etrezen
Posts: 5
Registered: ‎11-14-2011
Message 4 of 6 (931 Views)

Re: 802.1x support and scalability

Hello

 

We are currently working on this type of project, we have 3000 TC (t5740e), not member of a domain, the enrollment will be done with powershell script (push by HPDM), procedure are not very friendly but it's work.

 

Regards

Please use plain text.
Occasional Visitor
muha_sa
Posts: 1
Registered: ‎03-17-2013
Message 5 of 6 (737 Views)

Re: 802.1x support and scalability

Check this:

 

www.cit-computing.com

 

regards

Please use plain text.
Occasional Visitor
jneset
Posts: 2
Registered: ‎07-24-2013
Message 6 of 6 (592 Views)

Re: 802.1x support and scalability

any tips you have available on how to accomplish such a masterpiece? I have HP T610s that I'd love to run smart client on, but manual certs over 300 devices make me puke. I've switched to WES7, but that is a nightmare.

Please use plain text.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation