What does it take to make dot1x and ACS to work correctly together? Im trying to do authentication with dot1x, but not sure what its really trying to authenticate? Seems like its more of a mac address or something. Any ideas on what people normally authenticate?
802.1X doesn't authenticate MAC addresses. IT typically authenticates LAN ports based on an identified credential, where this credential is driven by the EAP type, like a certificate, userame/password, etc.
Can you point me in a direction to learn more about that? I was thinking I could put a mac address of a pc in ACS as a userID/password and it would authenticate that way, with proper config on a switch. Im guessing that isnt right.
I guess what Im trying to figure out is what authentication is it sending? I think it must be a userID/password, but Im not sure what excatly it is. Anyone know?
Defined by your chosen EAP method. For example, EAP-TLS is a cryptographic method and would use a cert to authenticate. EAP-MD5 is a challenge-response based method using usernames and passwords.
I think you can use mac-authentication with dot1x and you will add the mac-addressess of the PCs to the ACS database. Use this way to add the mac-addressess as users:
Username: MAC-Address
Password: MAC-Address
So, the username and the password will be the mac-address of the pc
I did try the mac-address solution. I couldnt get it to work. Any idea on how to get that done?
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
