• Mr_Dr_Oink@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    3 days ago

    But only twice. You know the problem with having a network port on a usb is that the laptop no longer has a unique mac address, which can cause problems with authentication in a corporate environment. So when building devices or using mac auth it can be a nightmare.

    • mangaskahn@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      3 days ago

      MAC is useless as a component of the security check. It’s trivial to change; either with a dongle, as you said, or in the network configuration of every major and minor OS.

      • Mr_Dr_Oink@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 days ago

        But if i am authenticating a unique third party laptop i could use the mac address and apply a profile in clearpass to authenticate it and apply an ACL to lock the device down as a separate measure to creating a separate vlan for the device.

        I wouldn’t have called it useless in that regard. But im fairly new to network administration, so perhaps i am not well versed enough to know better.

        Our clearpass servers struggle sometimes, and i experience timeouts or rejections when a laptop moves from one usb c docking station to another if they fail dot1x and revert to mab.

        Also all of this aside, the fact that all the ports got removed from a laptop and now you have to plig in a £60-100 dock to get all those ports back is an absolute con.