Scribd
Upload
82 views5 pages

PRESENTACIÓN 802-1x

802.1x provides port-based authentication to control network access. It uses the Extensible Authentication Protocol (EAP) for authentication between a supplicant (client device), authenticator (switch), and authentication server (usually RADIUS). The supplicant must authenticate via EAP before network access is granted. 802.1x is commonly used for both wired and wireless networks to authenticate individual users and check devices for security compliance before full network access.

Uploaded by

tatiana de la rosa
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
82 views5 pages

PRESENTACIÓN 802-1x

802.1x provides port-based authentication to control network access. It uses the Extensible Authentication Protocol (EAP) for authentication between a supplicant (client device), authenticator (switch), and authentication server (usually RADIUS). The supplicant must authenticate via EAP before network access is granted. 802.1x is commonly used for both wired and wireless networks to authenticate individual users and check devices for security compliance before full network access.

Uploaded by

tatiana de la rosa
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

01- Fundamentals of Network Security

Manuel K. Guerrero Rojas


CCNA | CCNA Security | CCNA-R&S| CNA-S | CCNP-R&S | MCTS | MTA |
CMSP | CCFI CNDP | CNSA | NSE-2 | NSE-4 | NSE-7
(809) 430-7511 / (809) 793-7324
[email protected]
[email protected]
Protocolo 802.1x. :
historia, definición y utilidad
802.1x:
Port based authentication provides a security mechanism
to allow or disallow connectivity to a device connected to
a specific port. The device attempting to connect to such a
port is called a supplicant. The supplicant can be an end
user device, such as a computer or an IP telephone, or it
can be another network device.

With 802.1X, we can add authentication for port control.


Before you get access to the network, you will have to
authenticate yourself. The “port control” part is what
802.1X does, the authentication is done using EAP
(Extensible Authentication Protocol). 802.1X is often used
on wired networks with NAC (Network Admission Control)
which allows the network to check if a computer has up-to-
date anti-virus / spyware software and/or all installed
updates for its operating system. If this checks out, the
computer gets further access to the network..

Protocolo 802.1x. :
historia, definición y utilidad
Need to know when using 802.1X:

• Supplicant: this is the user or device that wants access to


the (wireless) network.
• Authentication Server: the device that processes the
authentication, typically a RADIUS or TACACS+ server.
• Authenticator: the device in between the supplicant and
authentication server that has to open the port with
802.1X. This is a switch or wireless access point.

802.1X is also used for wireless networking, where we use


it for WPA-Enterprise. We use it in wireless networking so
that we can have per-user authentication instead of pre-
shared keys and it uses a different WPA master key for
each wireless user, enhancing security.

Protocolo 802.1x. :
historia, definición y utilidad
802.1x Port Based Authentication
aaa authentication dot1x default local indicates that the local credentials will be
used for dot1x authentication
username cisco password cisco configures the username and password in the
local database that will be used for authentication
dot1x system-auth-control - globally enables 802.1X port-based authentication

You need create a dot1x credentials profile that will contain the With the following two commands, you will enable port based
username and password that will be used by the supplicant to authentication on the interface, and you will configure the
authenticate against the credentials configured on the RADIUS. interface to play the role of a dot1x authenticator:
Dot1x credentials NAME_OF_Profile Interface GibabitEthernet 0/0
Username Authentication port-control auto
Password Dot1x pae authentication
Dot1x supplicant force-multicast

Protocolo 802.1x. :
historia, definición y utilidad

You might also like