- Blue, 1500 points or more
Couple of questions, my friends...
1.) With dot1x authentication, the authentication server (perhaps a RADIUS or TACACS server) will use the supplicant's information (what that information is is my second question) as the security metric to allow or disallow access.The network access appliance to which the supplicant is connected simply acts as a liaison between supplicant and the back-end auth server.
Is this correct?
2.) What metric does dot1x use to authenticate the user? (EDIT)
3.) As opposed to dot1x, which is an open standard, Cisco's VMPS solution is basically the Cisco proprietary solution to port authentication.
Is it the case that VMPS uses dot1x for the authentication part and then dynamically assigns a VLAN according to the MAC address, which is the VMPS part.
Which is correct?
4.) Therefore, they both use a dot1x-type architecture - namely, the supplicant (client), authenticator (switch) and the authentication server, but Cisco uses its own messaging protocol with VMPS, not EAP or its variants.
Is all this correct?
When you answer, can you be kind enough to do so in bulleted form - an answer per question type thing?
Thanks a million ahead of time!