Re: 3550 - 802.1x Port based Authentication

From: ccie2be (ccie2be@nyc.rr.com)
Date: Mon Sep 08 2003 - 21:23:47 GMT-3

• Next message: Danny.Andaluz@triaton-na.com: "RE: DHCP Options"
• Previous message: Tim Ross: "Re: 3550 - 802.1x Port based Authentication"
• Maybe in reply to: ccie2be: "3550 - 802.1x Port based Authentication"
• Next in thread: Daniel Sheedy: "Re: 3550 - 802.1x Port based Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thanks, Tim for getting back to me. The link you included seems to be
essentially the same as the what's in the 3550 config guide. Unfortunately,
neither of these two documents addresses the question of what information from
the device is used to verify the "identity" - all it says is. "When the client
supplies its identity, the switch begins its role as the intermediary, passing
EAP frames between the client and the authentication server until
authentication succeeds or fails."

I didn't see anything in the document that defines what is meant by
"identity". So, I don't know if identity means a username and password or a
mac address or something else altogether.

But, thanks just the same and if you happen to know more about this, I hope
you share.

dt
  ----- Original Message -----
  From: Tim Ross
  To: ccie2be ; Group Study
  Sent: Monday, September 08, 2003 7:57 PM
  Subject: Re: 3550 - 802.1x Port based Authentication

  Take a look at:

  http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/1216ea2b/scg/sw
g8021x.htm

  You authenticate to a Radius server. Especially useful on wireless LANs and
public access areas.

  Tim

    ----- Original Message -----
    From: ccie2be
    To: Group Study
    Sent: Monday, September 08, 2003 2:42 PM
    Subject: 3550 - 802.1x Port based Authentication

    Hi,

    I'd like to verify that I correctly understand what the 3550 config guide
is
    saying regarding the above.

    802.1x is used to authenticate the actual device (the client) as opposed
to
    the user. As such the device can be any type of ethernet attached device
    including printers. Also, it seems like no user input is needed when
using
    802.1x authentication. Please let me know if all these statements are
True or
    False.

    Also, the config guide doesn't mention what information is used to
    authenticate the client. My guess is that it's probably the device's mac
    address, but really I have no idea. For all I know, it could be a
password
    preconfigured on the device or maybe even some combo of different
parameters.
    If someone knows how this works, please help me out.

    Thanks very much, dt

    _______________________________________________________________________
    You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.

    Subscription information may be found at:
    http://www.groupstudy.com/list/CCIELab.html

• Next message: Danny.Andaluz@triaton-na.com: "RE: DHCP Options"
• Previous message: Tim Ross: "Re: 3550 - 802.1x Port based Authentication"
• Maybe in reply to: ccie2be: "3550 - 802.1x Port based Authentication"
• Next in thread: Daniel Sheedy: "Re: 3550 - 802.1x Port based Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Oct 01 2003 - 07:24:25 GMT-3