Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

ISE : DOT1X - MAB

Hi all,

I'm trying to understand the posibilities of the ISE. I would like to configure host authentication without the client having to enter credentials for a second time after logging on to his pc.

Is this possible with DOT1X?

As far as I understand you have to enter your credentials twice. 1 time for windows logon and a second time in the supplicant (eg. Cisco Anyconnect) which sends the EAPOL start frame to the authenticator (switch).

MAB could works without user interference, but is bypassable when you spoof a mac address.

Is there another possibility to set this up?

Maybe I'm asking obvious questions, but I'm a ISE newbie.

Thanks,

Joris                  

Everyone's tags (3)
2 REPLIES
Silver

ISE : DOT1X - MAB

Both the Windows supplicant and the Cisco supplicant sends the credentials automatically so there is no need to type the password twice.

Cisco Employee

Re: ISE : DOT1X - MAB

Check the doc for Configure the Windows Native Supplicant

284
Views
0
Helpful
2
Replies
CreatePlease to create content