Device Configuration after the Wired Network Switch Replacement

In January 2017, UBIT initiated the Wired Network Switch Replacement project.  Learn about changes in device registration that may affect your customers.

Upgrade Schedule

Affected Devices

  • Any devices that have connected to UB’s network within the two months prior to the new hardware installation will automatically have their MAC address registered for use with the new switches.
  • Any new devices will need to be registered and/or authenticated the first time they connect to UB’s wired network; this process is guided by a log-in window or Web page redirect that appears when someone connects for the first time, similar to how guests register on the UB Connect Wi-Fi network.

Configuration Options

There are three options for configuring your device:

  1. 802.1x authentication (preferred method) - Requires some configuration changes on most client devices.
  2. MAC address - Intended for registered devices unable to use 802.1x.  
  3. Special department VLAN - Use for connecting a new device to the network that needs to be on a special departmental VLAN (not the Protected VLAN).

1. 802.1x authentication (preferred method)

The preferred method is to use the 802.1x protocol for authentication, however it requires some configuration changes on most client devices. The following provides instructions for enabling 802.1x on various devices.

Find instructions for your device:

2. MAC address

To ease the transition even further, we have pre-registered the MAC addresses of all devices that have been connected to the network within the last 2 months, and those devices should have no problem connecting to the new switches. However, we encourage you to follow the instructions in this document to also enable and configure 802.1x on your device. In the future, the use of 802.1x may become a requirement in order to connect to the UB network.

Your device will then be allowed on the network, and it will be put in the Protected VLAN (a restricted virtual local area network). The Protected VLAN allows all traffic outbound, and it allows all traffic inbound from UB, however unsolicited inbound traffic from outside of UB is restricted (thus preventing devices from running world-accessible servers from the Protected VLAN).  

If you have not already registered your MAC address, you will be redirected to the UB Wired Network Access Web page when you connect your device to the network for registration.

Log in using your UBIT credentials, the MAC address for the device you are connecting will be automatically filled in on the form. Register your device and you will be granted access to the Protected VLAN.

Alternatively, you can visit UB My Devices Portal directly, from a third party device, in order to manage your existing device registrations, and create new ones.

3. Special departmental (VLAN)

If your device requires access to a departmental VLAN (rather than using the default “Protected VLAN”), you will need to ask your department IT support team to modify (or create) your registration for you.

Device registration for a departmental network (VLAN) is done using UB My Devices Portal, however only authorized department IT support staff have the ability to grant access to VLANs other than the “Protected VLAN.”

Common Questions and Answers

Still having problems? See known related issues and their resolutions on Common Questions and Answers for the Wired Network Switch Replacement Project.

Still need help?

Contact the UBIT Help Center.