Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
13726
Views
11
Helpful
1
Replies

Difference between 802.1x multi-host and 802.1x multi-auth

Go to solution
mrombouts
Beginner
Beginner

‎12-01-2014 03:45 AM - edited ‎03-07-2019 09:43 PM

Hi,

This is a bit confusing for me. Does someone has an easy explanation?

What I understand and looked up for the moment (correct me if I'm wrong):

802.1x multi-host: Good for an AP or a phone setup. Port becomes authorized as soon as one client is authenticated. In this situation the AP or the phone. Aftherwards pc's have access without any further 802.1x action.

802.1x multi-auth: Multiple devices are allowed to independently authenticate through the same port. More secure? Is this good for next setup: I have a 802.1x port on the managed 24p switch, but the customer decides to plug in a non-managed 8p cheap switch on his desk where different pc's will be plugged in. So I have a 802.1x port on the Cisco switch connected to a non-managed 8p switch. I suppose 802.1x multi-host configuration is not a secure option here.

I don't know if I am clear enough. Don't hesitate to ask if not.

Thanks for your reply.

 

 

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Karsten Iwen
VIP Mentor VIP Mentor
VIP Mentor

‎12-01-2014 04:20 AM

You are right with your understanding.

  • Multi-Host is a valid solution if a power-user for example is using many VMs on his PC. After authenticating initially, all VMs can communicate with the network.
  • Multi-Auth is more secure because each MAC address accessing the network is controlled.

A very good overview on 802.1x and the configuration can be found on the Cisco IOS Quick Reference Guide for IBNS.

View solution in original post

1 Reply 1

Go to solution
Karsten Iwen
VIP Mentor VIP Mentor
VIP Mentor

‎12-01-2014 04:20 AM

You are right with your understanding.

  • Multi-Host is a valid solution if a power-user for example is using many VMs on his PC. After authenticating initially, all VMs can communicate with the network.
  • Multi-Auth is more secure because each MAC address accessing the network is controlled.

A very good overview on 802.1x and the configuration can be found on the Cisco IOS Quick Reference Guide for IBNS.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents