RE: 802.1x authentication

From: Aslam Mohammed \(masam\) (masam@cisco.com)
Date: Tue May 09 2006 - 11:15:08 ART

• Next message: Wang, Ting \(Taylor\): "RMON event trap and snmp enable trap"
• Previous message: Tony Schaffran: "RE: Netmasterclass workbook - no switchport assignments or BGP"
• Maybe in reply to: thomas.rader@freesurf.ch: "802.1x authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello,

In case of 802.1x, there are 3 component,
Supplicant
Authenticator and
Authenticating Server

The "Authenticator server" is radius which is not Cisco's proprietary
piece customer can buy the "authenticator from Cisco and he can have a
3rd party "AAA" server"

  Note:- TACACS is Cisco's proprietary product, and Radius is not,
secondly in radius with vendor specific attributes we can send encrypted
information.

Thanks
Mohammed Aslam

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
thomas.rader@freesurf.ch
Sent: Tuesday, May 09, 2006 9:15 AM
To: ccielab@groupstudy.com
Subject: 802.1x authentication

Hello,

Radius is used in all of the Cisco sample configurations for 802.1x
authentication Ive seen.

For example:

http://www.ciscopress.com/articles/article.asp?p=29600&seqNum=3&rl=1

I cant understand why TACACS isnt used instead of Radius (given the
fact that Radius information is sent in clear text).

Could anyone offer any reasons ?

Thanks, Thomas

thomas.rader@freesurf.ch

• Next message: Wang, Ting \(Taylor\): "RMON event trap and snmp enable trap"
• Previous message: Tony Schaffran: "RE: Netmasterclass workbook - no switchport assignments or BGP"
• Maybe in reply to: thomas.rader@freesurf.ch: "802.1x authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:21 ART