Teams and 802.1x architecture


Hello everyone,

We use O365 apps, Teams, SharePoint, Office tools and Azure AD, and it's great.

The next phase of our O365 project is to move our old legacy telephony and old videoconference system to Teams as a softphone solution and full meeting room (MTR solution).
But our network department is working on 802.1x technology and wants to deploy an 802.1x architecture in the next few weeks/months.

I'm not sure that this 802.1x technology will be compatible with Microsoft solutions (Teams, etc.).
Does anyone have any information on this subject? Does anyone have this 802.1x configuration with Teams?
I'm convinced that we should take conditional access rather than 802.1x technology.
Thank you in advance.

4 Replies

@jpl2121 If your meeting rooms will be Teams Meeting Rooms on Windows then I doubt there will be much of an issue; just load a certificate onto the device for the 802.1x.

If you are using any Android devices as desk phones or Teams Meeting Rooms on Android then you'll need to work with the device vendors to see if it's possible; my feeling is that it would be somewhere between very hard and impossible.

My personal opinion is that it's best to keep TMR devices on a separate VLAN from the corporate devices, with simple, well-performing internet connectivity. There is no reason they need access to your LAN; they are only ever going to call via the internet.

OK, thank you very much for your network advice.
Just some general information, as you seem to mix up two totally different things:
* 802.1x is a NETWORK security thing: It prevents (or allows) the hardware device to connect to the network. In other words: Without a proper "passport" the network switch will not forward any traffic from the device into the corporate network. This has nothing to do with more detailed info about what applications on this device try to access which hosts on the network, etc.
* Conditional access allows (or prevents) a device (or even more precisely the application running on the device!) to LOG IN to network resources like M365 Teams.

Example: A Teams device like a Teams Phone or a Teams Room System could be easily denied access to your Teams tenant because of Conditional Access failing, but it could still do all kinds of other stupid things on your network because of you simply letting it onto the network instead of approving it via 802.1x.

Hope this makes things a little clearer for you.
Many thanks, Harald