From: Sadiq Yakasai (sadiqtanko@gmail.com)
Date: Tue Mar 03 2009 - 08:58:47 ARST
Rhagav,
So this is how it goes:
Currently, there are 4 modes of operation (on 12.2(33)SXI on the Cat6K).
This device supports all the modes. You will find out that other Cisco
switches will support only a subset of these modes. For e.g, currently on
the latest 3550 image, there is no support for MDA (multi-domain mode) much
less multi-auth and multi-host. Check CCO for a more comprehensive matrix of
whats supported where and not:
1. Single host mode: single device that does 802.1x/MAB
2. Multi-domain mode: single IP phone + single data end-point. Each can do
either 802.1X/MAB.
3. Multi-host: first device authenticates on the port and opens up the port
for the rest of the devices to come in later. This is achievable by
connection a hub directly to the switchport or behind the IP phone.
4. Multi-auth: every device that connects to the switchport has to
authenticate 802.1X/MAB. You can connect an IP phone + PC behind it to
achieve this, or with a hub as well, with multiple devices connecting via
the hub.
I am sure you can come up with some other ways to connect devices to the
switch to conform with the host-mode configured on the switchport - really
up to you, IMHO.
Hope that helps a little in the mean time,
Sadiq
On Tue, Mar 3, 2009 at 9:20 AM, Edouard Zorrilla <ezorrilla@tsf.com.pe>wrote:
> With multiple host, the first one is the one that just uses 802.1x so that
> the others can go straight.,
>
> Regards
>
> ----- Original Message ----- From: "Raghav Bhargava" <
> raghavbhargava12@gmail.com>
> To: "Cisco certification" <ccielab@groupstudy.com>
> Sent: Tuesday, March 03, 2009 3:23 AM
> Subject: Regarding DOT1X
>
>
>
> Hi Experts,
>>
>> I have a doubt in Dot1x.
>>
>> For example if we enable dot1x authentication on a single port. So by
>> default that port is configured for single host . Now we can also
>> change the host mode from single to multi mode. My confusion is how
>> can we connect multiple hosts on the same port.
>>
>> What I can think of is using a hub and connecting it to that port
>> where DOT1x is enabled and then connecting multiple hosts .
>> Please correct me if I am wrong..
>>
>> Appreciate help...
>>
>> --
>> Warm Regards
>> Raghav
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
-- CCIE #19963Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Mon Apr 06 2009 - 06:44:03 ART