Cisco 350 Series Administration Manual page 524
Managed switches
Hide thumbs
Also See for 350 Series:
- Hardware installation manual (96 pages) ,
- Quick start manual (61 pages) ,
- Manual (10 pages)
Table of Contents
Advertisement
Security: 802.1X Authentication
Overview
Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4
Multiple methods can run at the same time. When one method finishes successfully, the client
becomes authorized, the methods with lower priority are stopped and the methods with higher
priority continue.
When one of authentication methods running simultaneously fails, the other methods
continue.
When an authentication method finishes successfully for a client authenticated by an
authentication method with a lower priority, the attributes of the new authentication method
are applied. When the new method fails, the client is left authorized with the old method.
802.1x-Based Authentication
The 802.1x-based authenticator relays transparent EAP messages between 802.1x supplicants
and authentication servers. The EAP messages between supplicants and the authenticator are
encapsulated into the 802.1x messages, and the EAP messages between the authenticator and
authentication servers are encapsulated into the RADIUS messages.
This is described in the following:
Figure 1 802.1x-Based Authentication
Client
MAC-Based Authentication
MAC-based authentication is an alternative to 802.1X authentication that allows network
access to devices (such as printers and IP phones) that do not have the 802.1X supplicant
capability. MAC-based authentication uses the MAC address of the connecting device to grant
or deny network access.
802.1x
Protocol
Authenticaticator
EAP Protocol
RADIUS
Protocol
Authentication
Server
18
353
Hide quick links:
Advertisement
Table of Contents
