Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
952
Views
10
Helpful
2
Replies

why is 802.1x used for wireless if it is a port-based standard?

Go to solution
ccnaluna93
Level 1
Level 1

‎04-15-2020 12:10 AM - edited ‎07-05-2021 11:56 AM

Hi, I'm studying wireless security fundamentals but I was wondering something about 802.1x standard..

 

why is 802.1x used for wireless if it is a port-based standard?

 

As far as I know port-based means security per-port, this makes sense with wired networks, but doesn't with wireless network since wireless devices don't connect to ports but to AP's over air

 

I would appreciate your help! 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
JPavonM
VIP
VIP

‎04-15-2020 01:19 AM

In 802.1X argumentary, port is not always a physical port and maybe a logical port as well.

 

Every connection to an access point is treated as a logical port.

 

When using 802.1X, thera are two different port types in the AP, the controlled port, that is the one that is closed and not forwarding until authentication, and the uncontrolled port that allows only to pass EAPOL traffic to the AAA server.

 

Here is a good reference for that:

https://docs.arris.com/bundle/fastiron-08080-securityguide/page/GUID-2237B422-7D42-4851-993C-8F11CDF4F06E.html

https://www.controleng.com/articles/wireless-security-port-based-security-eap-akm/

 

HTH
-Jesus

*** Always Rate Helpful Responses ***

View solution in original post

0 Helpful
2 Replies 2

Go to solution
JPavonM
VIP
VIP

‎04-15-2020 01:19 AM

In 802.1X argumentary, port is not always a physical port and maybe a logical port as well.

 

Every connection to an access point is treated as a logical port.

 

When using 802.1X, thera are two different port types in the AP, the controlled port, that is the one that is closed and not forwarding until authentication, and the uncontrolled port that allows only to pass EAPOL traffic to the AAA server.

 

Here is a good reference for that:

https://docs.arris.com/bundle/fastiron-08080-securityguide/page/GUID-2237B422-7D42-4851-993C-8F11CDF4F06E.html

https://www.controleng.com/articles/wireless-security-port-based-security-eap-akm/

 

HTH
-Jesus

*** Always Rate Helpful Responses ***

0 Helpful

Go to solution
Cristian Matei
VIP Alumni
VIP Alumni

‎04-15-2020 01:37 AM

Hi,

 

    802.1x is more of a framework which defines a set of protocols and functions, core functionality relying on EAP; it can be seen as a standard from the point of view that it's not vendor proprietary. Although originally it was written for wired networks, as infrastructure and security evolved, it became a requirement to be supported over wireless as well, this change being made in 2004. If you follow up on IEEE, several amendments have been made, like the on in 2010 for MACsec support.

 

Regards,

Cristian Matei.

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card