Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

dot1x and ACS

What does it take to make dot1x and ACS to work correctly together? Im trying to do authentication with dot1x, but not sure what its really trying to authenticate? Seems like its more of a mac address or something. Any ideas on what people normally authenticate?

7 REPLIES
New Member

Re: dot1x and ACS

is this mac address authentication? Im not sure I understand "what" its really authenticating.

Cisco Employee

Re: dot1x and ACS

802.1X doesn't authenticate MAC addresses. IT typically authenticates LAN ports based on an identified credential, where this credential is driven by the EAP type, like a certificate, userame/password, etc.

New Member

Re: dot1x and ACS

Can you point me in a direction to learn more about that? I was thinking I could put a mac address of a pc in ACS as a userID/password and it would authenticate that way, with proper config on a switch. Im guessing that isnt right.

New Member

Re: dot1x and ACS

I guess what Im trying to figure out is what authentication is it sending? I think it must be a userID/password, but Im not sure what excatly it is. Anyone know?

Cisco Employee

Re: dot1x and ACS

Defined by your chosen EAP method. For example, EAP-TLS is a cryptographic method and would use a cert to authenticate. EAP-MD5 is a challenge-response based method using usernames and passwords.

Hope this gives you a start,

New Member

Re: dot1x and ACS

Hi all

I think you can use mac-authentication with dot1x and you will add the mac-addressess of the PCs to the ACS database. Use this way to add the mac-addressess as users:

Username: MAC-Address

Password: MAC-Address

So, the username and the password will be the mac-address of the pc

I hope this help,

New Member

Re: dot1x and ACS

I did try the mac-address solution. I couldnt get it to work. Any idea on how to get that done?

171
Views
3
Helpful
7
Replies
CreatePlease to create content