09-17-2018 03:02 AM - edited 03-08-2019 04:10 PM
Hi there!
I try to authenticate supplicant switch against authenticator switch, but I dont clearly undertand of this concept. Can u pls help me or guid me how to set-up supplicant switch authentication? I dont undertand against WHAT it does do the authentication. Because I created profile, configured eap method on supplicant SW and what more? There was nothing mentioned to configure any cred profile on authentication switch neither RADIUS. So my question is, against what does the supplicant switch do the authentication? (I only found that supplicant SW authenticate itself against authenticator, but...how?)
Solved! Go to Solution.
09-17-2018 05:45 AM
are you following some document like this ?
NEAT Configuration Example with Cisco Identity Services Engine
in DOT1x you have the authenticator and the authentication server
the authentication server verifies the credentials
the authenticator receives requests from the connected device with a DOT1x supplicant and forwards this to the authentication server
the supplicant switch behaves the same as the DOT1x supplicant on a client PC.
so it passes credentials using DOT1x to the authentication switch, which passes the request using Radius to the authentication server. the request is validated etc. etc.
so basically the supplicant switch needs to pass an account (username and password) to "login" into the connected switchport, where the account is validated at the authentication server (AD, ISE, ACS etc).
09-17-2018 05:45 AM
are you following some document like this ?
NEAT Configuration Example with Cisco Identity Services Engine
in DOT1x you have the authenticator and the authentication server
the authentication server verifies the credentials
the authenticator receives requests from the connected device with a DOT1x supplicant and forwards this to the authentication server
the supplicant switch behaves the same as the DOT1x supplicant on a client PC.
so it passes credentials using DOT1x to the authentication switch, which passes the request using Radius to the authentication server. the request is validated etc. etc.
so basically the supplicant switch needs to pass an account (username and password) to "login" into the connected switchport, where the account is validated at the authentication server (AD, ISE, ACS etc).
09-17-2018 10:37 PM
thank you very much, u showed my the right way!! Now its working like a charm
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide