SlideShare a Scribd company logo

Ieee 802.1 x

M
matoko
Education
1 of 1
Download to read offline
IEEE 802.1X packetlife.net 802.1X Header 1 Version 1 Type Terminology 2 Length EAP EAP Over LANs (EAPOL) EAP encapsulated by 802.1X for transport across LANs EAP Header 1 Code 1 Identifier 2 Length Data Authenticator Supplicant The device (client) attached to an access link that requests authentication by the authenticator Authenticator The device that controls the status of a link; typically a wired switch or wireless access point EAP Flow Chart Supplicant Extensible Authentication Protocol (EAP) A flexible authentication framework defined in RFC 3748 Authentication Authentication Server Server A backend server which authenticates the credentials provided by supplicants (for example, a RADIUS server) Guest VLAN Fallback VLAN for clients not 802.1X-capable Restricted VLAN Fallback VLAN for clients which fail authentication Identity Request Identity Response Access Request 802.1X Packet Types EAP Codes 0 EAP Packet Challenge Response Access Challenge Access Request 1 EAPOL-Start 2 Response 2 EAPOL-Logoff Challenge Request 1 Request 3 Success 3 EAPOL-Key 4 Failure 4 EAPOL-Encap-ASF-Alert Success Access Accept EAP RADIUS Configuration Global Configuration ! Define a RADIUS server radius-server host 10.0.0.100 radius-server key MyRadiusKey ! Configure 802.1X to authenticate via AAA aaa new-model aaa authentication dot1x default group radius ! Enable 802.1X authentication globally dot1x system-auth-control Interface Defaults Max Auth Requests 2 Reauthentication Off Quiet Period 60s EAP Req/Resp Types 1 Identity 2 Notification 3 Nak 4 MD5 Challenge Reauth Period 1hr 5 One Time Password Server Timeout 30s 6 Generic Token Card Supplicant Timeout 30s Tx Period 30s 254 Expanded Types 255 Experimental Port-Control Options Interface Configuration ! Static access mode switchport mode access ! Enable 802.1X authentication per port dot1x port-control auto ! Configure host mode (single or multi) dot1x host-mode single-host ! Configure maximum authentication attempts dot1x max-reauth-req ! Enable periodic reauthentication dot1x reauthentication ! Configure a guest VLAN dot1x guest-vlan 123 ! Configure a restricted VLAN dot1x auth-fail vlan 456 dot1x auth-fail max-attempts 3 by Jeremy Stretch force-authorized Port will always remain in authorized state (default) force-unauthorized Always unauthorized; authentication attempts are ignored auto Supplicants must authenticate to gain access Troubleshooting show dot1x [statistics] [interface <interface>] dot1x test eapol-capable [interface <interface>] dot1x re-authenticate interface <interface> v2.0

Recommended

802.1x Authentication Standard
802.1x Authentication Standard802.1x Authentication Standard
802.1x Authentication StandardDan Miller
 
802.1x authentication
802.1x authentication802.1x authentication
802.1x authenticationXiaoqi Zhao
 
802.1x
802.1x802.1x
802.1xakruthi k
 
Ieee 802.1 x
Ieee 802.1 xIeee 802.1 x
Ieee 802.1 xMohamed Gamel
 
Implementing 802.1x Authentication
Implementing 802.1x AuthenticationImplementing 802.1x Authentication
Implementing 802.1x Authenticationdkaya
 
IEEE 802.1 x
IEEE 802.1 xIEEE 802.1 x
IEEE 802.1 xAnwesh Dixit
 
802.1x
802.1x802.1x
802.1xAlp isik
 
Ali shahbazi khojasteh dot1X
Ali shahbazi khojasteh dot1XAli shahbazi khojasteh dot1X
Ali shahbazi khojasteh dot1XAli Shahbazi Khojasteh
 

Recommended

802.1x Authentication Standard
802.1x Authentication Standard802.1x Authentication Standard
802.1x Authentication StandardDan Miller
 
802.1x authentication
802.1x authentication802.1x authentication
802.1x authenticationXiaoqi Zhao
 
802.1x
802.1x802.1x
802.1xakruthi k
 
Ieee 802.1 x
Ieee 802.1 xIeee 802.1 x
Ieee 802.1 xMohamed Gamel
 
Implementing 802.1x Authentication
Implementing 802.1x AuthenticationImplementing 802.1x Authentication
Implementing 802.1x Authenticationdkaya
 
IEEE 802.1 x
IEEE 802.1 xIEEE 802.1 x
IEEE 802.1 xAnwesh Dixit
 
802.1x
802.1x802.1x
802.1xAlp isik
 
Ali shahbazi khojasteh dot1X
Ali shahbazi khojasteh dot1XAli shahbazi khojasteh dot1X
Ali shahbazi khojasteh dot1XAli Shahbazi Khojasteh
 
At8000 s configurando_8021x
At8000 s configurando_8021xAt8000 s configurando_8021x
At8000 s configurando_8021xNetPlus
 
802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for Seacoast802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for SeacoastSithideth Banavong
 
radius dhcp dot1.x (802.1x)
radius dhcp dot1.x (802.1x)radius dhcp dot1.x (802.1x)
radius dhcp dot1.x (802.1x)rinnocente
 
IEEE 802.1X and Axis’ Implementation
IEEE 802.1X and Axis’ ImplementationIEEE 802.1X and Axis’ Implementation
IEEE 802.1X and Axis’ ImplementationAxis Communications
 
Iuwne10 S03 L02
Iuwne10 S03 L02Iuwne10 S03 L02
Iuwne10 S03 L02Ravi Ranjan
 
Iuwne10 S02 L02
Iuwne10 S02 L02Iuwne10 S02 L02
Iuwne10 S02 L02Ravi Ranjan
 
Iuwne10 S02 L06
Iuwne10 S02 L06Iuwne10 S02 L06
Iuwne10 S02 L06Ravi Ranjan
 
AAA & RADIUS Protocols
AAA & RADIUS ProtocolsAAA & RADIUS Protocols
AAA & RADIUS ProtocolsPeter R. Egli
 
Ap&ac system development 2014
Ap&ac system development 2014Ap&ac system development 2014
Ap&ac system development 2014TOM LIU
 
Iuwne10 S02 L05
Iuwne10 S02 L05Iuwne10 S02 L05
Iuwne10 S02 L05Ravi Ranjan
 
ClearPass Insight 6.3 User Guide
ClearPass Insight 6.3 User GuideClearPass Insight 6.3 User Guide
ClearPass Insight 6.3 User GuideAruba, a Hewlett Packard Enterprise company
 
Remote access service
Remote access serviceRemote access service
Remote access serviceApoorw Pandey
 
EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)Aruba, a Hewlett Packard Enterprise company
 
Firewalls
FirewallsFirewalls
Firewallshemantag
 
10 steps for troubleshooting wi fi
10 steps for troubleshooting wi fi10 steps for troubleshooting wi fi
10 steps for troubleshooting wi fiTaylorStepanski
 
Client server chat application
Client server chat applicationClient server chat application
Client server chat applicationPiyush Rawat
 
Transmission Control Protocol and User Datagram protocol
Transmission Control Protocol and User Datagram protocolTransmission Control Protocol and User Datagram protocol
Transmission Control Protocol and User Datagram protocolSamsil Arefin
 
EMEA Airheads - Configuring different APIs in Aruba 8.x
EMEA Airheads - Configuring different APIs in Aruba 8.x EMEA Airheads - Configuring different APIs in Aruba 8.x
EMEA Airheads - Configuring different APIs in Aruba 8.x Aruba, a Hewlett Packard Enterprise company
 
Cisco project ideas
Cisco project ideasCisco project ideas
Cisco project ideasVIT University
 
Client server chat application
Client server chat applicationClient server chat application
Client server chat applicationSamsil Arefin
 
Ieee 802.1 x
Ieee 802.1 xIeee 802.1 x
Ieee 802.1 xSwapnil Kapate
 
8021x feature config_guide
8021x feature config_guide8021x feature config_guide
8021x feature config_guideWilson Ospina
 

More Related Content

What's hot

At8000 s configurando_8021x
At8000 s configurando_8021xAt8000 s configurando_8021x
At8000 s configurando_8021xNetPlus
 
802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for Seacoast802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for SeacoastSithideth Banavong
 
radius dhcp dot1.x (802.1x)
radius dhcp dot1.x (802.1x)radius dhcp dot1.x (802.1x)
radius dhcp dot1.x (802.1x)rinnocente
 
IEEE 802.1X and Axis’ Implementation
IEEE 802.1X and Axis’ ImplementationIEEE 802.1X and Axis’ Implementation
IEEE 802.1X and Axis’ ImplementationAxis Communications
 
AAA & RADIUS Protocols
AAA & RADIUS ProtocolsAAA & RADIUS Protocols
AAA & RADIUS ProtocolsPeter R. Egli
 
Ap&ac system development 2014
Ap&ac system development 2014Ap&ac system development 2014
Ap&ac system development 2014TOM LIU
 
Remote access service
Remote access serviceRemote access service
Remote access serviceApoorw Pandey
 
10 steps for troubleshooting wi fi
10 steps for troubleshooting wi fi10 steps for troubleshooting wi fi
10 steps for troubleshooting wi fiTaylorStepanski
 
Client server chat application
Client server chat applicationClient server chat application
Client server chat applicationPiyush Rawat
 
Transmission Control Protocol and User Datagram protocol
Transmission Control Protocol and User Datagram protocolTransmission Control Protocol and User Datagram protocol
Transmission Control Protocol and User Datagram protocolSamsil Arefin
 
Client server chat application
Client server chat applicationClient server chat application
Client server chat applicationSamsil Arefin
 

What's hot (20)

At8000 s configurando_8021x
At8000 s configurando_8021xAt8000 s configurando_8021x
At8000 s configurando_8021x
 
802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for Seacoast802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for Seacoast
 
radius dhcp dot1.x (802.1x)
radius dhcp dot1.x (802.1x)radius dhcp dot1.x (802.1x)
radius dhcp dot1.x (802.1x)
 
IEEE 802.1X and Axis’ Implementation
IEEE 802.1X and Axis’ ImplementationIEEE 802.1X and Axis’ Implementation
IEEE 802.1X and Axis’ Implementation
 
Iuwne10 S03 L02
Iuwne10 S03 L02Iuwne10 S03 L02
Iuwne10 S03 L02
 
Iuwne10 S02 L02
Iuwne10 S02 L02Iuwne10 S02 L02
Iuwne10 S02 L02
 
Iuwne10 S02 L06
Iuwne10 S02 L06Iuwne10 S02 L06
Iuwne10 S02 L06
 
AAA & RADIUS Protocols
AAA & RADIUS ProtocolsAAA & RADIUS Protocols
AAA & RADIUS Protocols
 
Ap&ac system development 2014
Ap&ac system development 2014Ap&ac system development 2014
Ap&ac system development 2014
 
Iuwne10 S02 L05
Iuwne10 S02 L05Iuwne10 S02 L05
Iuwne10 S02 L05
 
ClearPass Insight 6.3 User Guide
ClearPass Insight 6.3 User GuideClearPass Insight 6.3 User Guide
ClearPass Insight 6.3 User Guide
 
Remote access service
Remote access serviceRemote access service
Remote access service
 
EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)
 
Firewalls
FirewallsFirewalls
Firewalls
 
10 steps for troubleshooting wi fi
10 steps for troubleshooting wi fi10 steps for troubleshooting wi fi
10 steps for troubleshooting wi fi
 
Client server chat application
Client server chat applicationClient server chat application
Client server chat application
 
Transmission Control Protocol and User Datagram protocol
Transmission Control Protocol and User Datagram protocolTransmission Control Protocol and User Datagram protocol
Transmission Control Protocol and User Datagram protocol
 
EMEA Airheads - Configuring different APIs in Aruba 8.x
EMEA Airheads - Configuring different APIs in Aruba 8.x EMEA Airheads - Configuring different APIs in Aruba 8.x
EMEA Airheads - Configuring different APIs in Aruba 8.x
 
Cisco project ideas
Cisco project ideasCisco project ideas
Cisco project ideas
 
Client server chat application
Client server chat applicationClient server chat application
Client server chat application
 

Similar to Ieee 802.1 x

8021x feature config_guide
8021x feature config_guide8021x feature config_guide
8021x feature config_guideWilson Ospina
 
Configuring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdfConfiguring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdfdjameleddine2015
 
Radius Protocol
Radius ProtocolRadius Protocol
Radius ProtocolNetwax Lab
 
Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and Privacy
Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and PrivacyDisobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and Privacy
Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and PrivacyKarri Huhtanen
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networksSahil Rai
 
14.) wireless (hyper dense wi fi)
14.) wireless (hyper dense wi fi)14.) wireless (hyper dense wi fi)
14.) wireless (hyper dense wi fi)Jeff Green
 
Managing VLAN(802.1q) ON a LINUX operating system
Managing VLAN(802.1q) ON a LINUX operating systemManaging VLAN(802.1q) ON a LINUX operating system
Managing VLAN(802.1q) ON a LINUX operating systemThierry Gayet
 
Paper review about NAC & SDN
Paper review about NAC & SDNPaper review about NAC & SDN
Paper review about NAC & SDNKyunghee Univ
 
EAP-TLS (extended version)
EAP-TLS (extended version)EAP-TLS (extended version)
EAP-TLS (extended version)Karri Huhtanen
 
Рекомендации по настройке контроллеров БЛВС Cisco
Рекомендации по настройке контроллеров БЛВС CiscoРекомендации по настройке контроллеров БЛВС Cisco
Рекомендации по настройке контроллеров БЛВС CiscoCisco Russia
 
Wireless Security Policy
Wireless Security PolicyWireless Security Policy
Wireless Security Policyserpentine707
 
Ethernet protocol
Ethernet protocolEthernet protocol
Ethernet protocolTom Chou
 

Similar to Ieee 802.1 x (20)

Ieee 802.1 x
Ieee 802.1 xIeee 802.1 x
Ieee 802.1 x
 
8021x feature config_guide
8021x feature config_guide8021x feature config_guide
8021x feature config_guide
 
Sw8021x
Sw8021xSw8021x
Sw8021x
 
Configuring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdfConfiguring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdf
 
Radius Protocol
Radius ProtocolRadius Protocol
Radius Protocol
 
Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and Privacy
Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and PrivacyDisobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and Privacy
Disobey 2024: Karri Huhtanen: Wi-Fi Roaming Security and Privacy
 
Introduction to Diameter Protocol - Part1
Introduction to Diameter Protocol - Part1Introduction to Diameter Protocol - Part1
Introduction to Diameter Protocol - Part1
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networks
 
Ont mod 6
Ont mod 6Ont mod 6
Ont mod 6
 
RADIUS
RADIUSRADIUS
RADIUS
 
Iuwne10 S04 L03
Iuwne10 S04 L03Iuwne10 S04 L03
Iuwne10 S04 L03
 
Iuwne10 S04 L04
Iuwne10 S04 L04Iuwne10 S04 L04
Iuwne10 S04 L04
 
14.) wireless (hyper dense wi fi)
14.) wireless (hyper dense wi fi)14.) wireless (hyper dense wi fi)
14.) wireless (hyper dense wi fi)
 
Managing VLAN(802.1q) ON a LINUX operating system
Managing VLAN(802.1q) ON a LINUX operating systemManaging VLAN(802.1q) ON a LINUX operating system
Managing VLAN(802.1q) ON a LINUX operating system
 
Firewall
FirewallFirewall
Firewall
 
Paper review about NAC & SDN
Paper review about NAC & SDNPaper review about NAC & SDN
Paper review about NAC & SDN
 
EAP-TLS (extended version)
EAP-TLS (extended version)EAP-TLS (extended version)
EAP-TLS (extended version)
 
Рекомендации по настройке контроллеров БЛВС Cisco
Рекомендации по настройке контроллеров БЛВС CiscoРекомендации по настройке контроллеров БЛВС Cisco
Рекомендации по настройке контроллеров БЛВС Cisco
 
Wireless Security Policy
Wireless Security PolicyWireless Security Policy
Wireless Security Policy
 
Ethernet protocol
Ethernet protocolEthernet protocol
Ethernet protocol
 

Recently uploaded

“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfakmcokerachita
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 

Recently uploaded (20)

“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdf
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 

Ieee 802.1 x

  • 1. IEEE 802.1X packetlife.net 802.1X Header 1 Version 1 Type Terminology 2 Length EAP EAP Over LANs (EAPOL) EAP encapsulated by 802.1X for transport across LANs EAP Header 1 Code 1 Identifier 2 Length Data Authenticator Supplicant The device (client) attached to an access link that requests authentication by the authenticator Authenticator The device that controls the status of a link; typically a wired switch or wireless access point EAP Flow Chart Supplicant Extensible Authentication Protocol (EAP) A flexible authentication framework defined in RFC 3748 Authentication Authentication Server Server A backend server which authenticates the credentials provided by supplicants (for example, a RADIUS server) Guest VLAN Fallback VLAN for clients not 802.1X-capable Restricted VLAN Fallback VLAN for clients which fail authentication Identity Request Identity Response Access Request 802.1X Packet Types EAP Codes 0 EAP Packet Challenge Response Access Challenge Access Request 1 EAPOL-Start 2 Response 2 EAPOL-Logoff Challenge Request 1 Request 3 Success 3 EAPOL-Key 4 Failure 4 EAPOL-Encap-ASF-Alert Success Access Accept EAP RADIUS Configuration Global Configuration ! Define a RADIUS server radius-server host 10.0.0.100 radius-server key MyRadiusKey ! Configure 802.1X to authenticate via AAA aaa new-model aaa authentication dot1x default group radius ! Enable 802.1X authentication globally dot1x system-auth-control Interface Defaults Max Auth Requests 2 Reauthentication Off Quiet Period 60s EAP Req/Resp Types 1 Identity 2 Notification 3 Nak 4 MD5 Challenge Reauth Period 1hr 5 One Time Password Server Timeout 30s 6 Generic Token Card Supplicant Timeout 30s Tx Period 30s 254 Expanded Types 255 Experimental Port-Control Options Interface Configuration ! Static access mode switchport mode access ! Enable 802.1X authentication per port dot1x port-control auto ! Configure host mode (single or multi) dot1x host-mode single-host ! Configure maximum authentication attempts dot1x max-reauth-req ! Enable periodic reauthentication dot1x reauthentication ! Configure a guest VLAN dot1x guest-vlan 123 ! Configure a restricted VLAN dot1x auth-fail vlan 456 dot1x auth-fail max-attempts 3 by Jeremy Stretch force-authorized Port will always remain in authorized state (default) force-unauthorized Always unauthorized; authentication attempts are ignored auto Supplicants must authenticate to gain access Troubleshooting show dot1x [statistics] [interface <interface>] dot1x test eapol-capable [interface <interface>] dot1x re-authenticate interface <interface> v2.0