I am owning the CE Router, and the MPLS. So HP Switch and Radius are owned by the customer.
The customer wants to authenticate not only the pc ( Supplicants ) but also the CE Router with his Radius server. ( Government Rule )
The Problem in my Head is, that when i enable a 802.1x Supplicant on the Router(cisp client) to authenticate against the HP switch (Authenticator) the Radius IP lies behind the Interface that has to be authenticated. ( will not succeed )
So in my opinion there is only the possibility of a local fallback of the hp switch with local EAP-TLS. The question is, is this somehow possible to authenticate a L2 Access/Trunk with SVI or subinterface port or a Routed Port from the switch to the router, without using the Radius server ? Like some MACSec, between pure cisco devices ?
I've moved your discussion to Routing as the only Cisco element in your network is a router.
As both the switch and the RADIUS server is of HP, I would suggest you to check with HPE support resources if you have not done so already. The MacSec has some potential but you need to verify whether the switch and the router have compatible support.
Agile Networking with Cloud-managed IT [Meraki The Future is here] Cisco Meraki The Future Is Here: Agile Networking With Cloud-managed IT Your customer’s employees are in hybrid workstyle from home, the road, and the office and IT teams need t...
1. Smart Licensing
1.1. What is Smart Licensing?
A. Cisco Smart Licensing is a flexible licensing model that provides you with an easier, faster, and more consistent way to purchase and manage software across the Cisco portfolio and across your orga...
Cisco DNA - Cisco SD-WAN: Connect to any cloud, anywhere, securely Cisco offers on-prem and cloud-managed WAN edge solutions to meet these new demands. Connect any user to any application with integrated capabilities for multicloud, security, ...
Join us for this virtual event as cloud providers, integrators, ecosystem technology partners and customers discuss what tomorrow's cloud will be and what you need to know to prepare. Get ready to hear about innovations for faster operations, mult...
Let´s talk about spanning-treeLeave your comment in english and in your own language.------------------------------------------------Vamos falar sobre spanning-tree Deixe seu comentário em inglês e no seu idioma.