Security - IEEE 802.1X
IEEE 802.1X is a standard for port-based Network Access Control (P-NAC). It is part of the IEEE 802.1 group of networking protocols and provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.
IEEE 802.1X defines the encapsulation of the Extensible Authentication Protocol (EAP) over IEEE 802, which is known as "EAP over LAN" or EAPOL. EAPOL is used over a wired or wireless LAN to transport EAP packets between the supplicant (the end user's device trying to authenticate, such as a laptop or smartphone) and the authentication server, via an authenticator (an intermediate device, such as a switch or wireless access point).
The standard is often used in combination with other authentication protocols, like PEAP, TTLS, or TLS, and is commonly used to secure networks by restricting access to only those devices that can provide valid credentials, such as a username and password or a digital certificate.
Links
https://networklessons.com/cisco/ccie-enterprise-infrastructure/aaa-802-1x-authentication https://networklessons.com/cisco/ccna-200-301/wireless-authentication-methods https://networklessons.com/cisco/ccie-enterprise-infrastructure/aaa-configuration-cisco-switch
Links to this page:
- 802.1X Timeout and Failover Mechanisms in Network Authentication
- AAA 802.1X Multi-Auth Mode for Multiple Devices on a Single Port
- AAA on a Cisco Switch Using EAP MSCHAPv2
- Cisco IOS test aaa command
- Security - MAC Authentication Bypass
- Security - Network Access Control (NAC)
- Wireless 802.11 Learning Path Recommendations