11-30-2007 01:26 PM - edited 02-21-2020 10:19 AM
What does it take to make dot1x and ACS to work correctly together? Im trying to do authentication with dot1x, but not sure what its really trying to authenticate? Seems like its more of a mac address or something. Any ideas on what people normally authenticate?
11-30-2007 01:36 PM
is this mac address authentication? Im not sure I understand "what" its really authenticating.
11-30-2007 02:36 PM
802.1X doesn't authenticate MAC addresses. IT typically authenticates LAN ports based on an identified credential, where this credential is driven by the EAP type, like a certificate, userame/password, etc.
11-30-2007 06:46 PM
Can you point me in a direction to learn more about that? I was thinking I could put a mac address of a pc in ACS as a userID/password and it would authenticate that way, with proper config on a switch. Im guessing that isnt right.
12-01-2007 11:39 AM
I guess what Im trying to figure out is what authentication is it sending? I think it must be a userID/password, but Im not sure what excatly it is. Anyone know?
12-03-2007 06:55 AM
Defined by your chosen EAP method. For example, EAP-TLS is a cryptographic method and would use a cert to authenticate. EAP-MD5 is a challenge-response based method using usernames and passwords.
Hope this gives you a start,
12-03-2007 10:52 AM
Hi all
I think you can use mac-authentication with dot1x and you will add the mac-addressess of the PCs to the ACS database. Use this way to add the mac-addressess as users:
Username: MAC-Address
Password: MAC-Address
So, the username and the password will be the mac-address of the pc
I hope this help,
12-03-2007 10:21 PM
I did try the mac-address solution. I couldnt get it to work. Any idea on how to get that done?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide