
802.1X after MAB „automatically“

whistleblower14
Level 1

Hi,

I'm currently dealing with the topic of 802.1X and have a question that I would appreciate some help with!

I would like to authenticate a wired client using MAB so that it can access restricted central resources in the first step! If the MAC address cannot be authenticated, access should be blocked!

In terms of approach, I would configure the respective switch port as an access port (untagged) in the restricted VLAN and secure it using ACL on the Layer 3 interface! However, isolation in the same VLAN/IP segment is not guaranteed this way... Does anyone here have a suggestion as to how I could solve this better?

In the second step - when the device has been successfully authenticated using the MAC address - a certificate should be pushed to the client, which should then ultimately trigger authentication using 802.1X!
As soon as the certificate has been validated, the respective VLAN should be changed dynamically by the authentication server on the switch(port)!

Any kind of help/suggestions/information is very welcome and I thank you all in advance!

1 Reply

The CA must be manually added to the client; there is no option to push the cert to the user.

MHM
