| Author |
Message |
Anthony Chavez
Guest
|
 Posted:
Thu Mar 03, 2005 4:32 am Post subject:
Question regarding 802.1x |
|
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi, all.
My question is a simple one. Under the following configuration, will
station A be able to authenticate against switch A, which supports
802.1x through switch B, which does not?
[X]--------[X]----------O
switch A switch B station A
FWIW, switch A is a Cisco 2924XL-EM, switch B is a 3Com 3CNJ100 Work
Area Outlet with a 4-port switch, and station A is a yet-to-be-purchased
802.1x NIC (most likely a 3Com, but I'm open to suggestions if you have
them).
Bonus question: Would authentication work if there were two stations
connected simultaneously to switch B (as you would expect to see on a
switch)?
Thanks!
- --
Anthony Chavez http://anthonychavez.org/
mailto:acc@anthonychavez.org jabber:acc@jabber.anthonychavez.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (Darwin)
iD8DBQFCJk0EbZTbIaRBRXERAlXLAJ9n8OfN1p44fjhLGNBf28pcySdDkQCfbV06
+ZG6Tx2HnW7rYlKt6ylCmd8=
=2hrR
-----END PGP SIGNATURE----- |
|
| Back to top |
|
 |
Anthony Chavez
Guest
|
| Posted:
Thu Mar 03, 2005 4:48 am Post subject:
Re: Question regarding 802.1x |
|
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 02 Mar 2005 16:32:16 -0700 Anthony Chavez <acc@anthonychavez.org> wrote:
| Quote: | FWIW, switch A is a Cisco 2924XL-EM
|
Sorry, make that a Cisco 2950-24, which acctually supports 802.1x. ;-)
- --
Anthony Chavez http://anthonychavez.org/
mailto:acc@anthonychavez.org jabber:acc@jabber.anthonychavez.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (Darwin)
iD8DBQFCJlDPbZTbIaRBRXERAtqDAJ4szFBK5nqmSv4cQSlQ1JRK851O0wCeJzxh
hGzAtzUaSHe8PBodOWE8CPE=
=Cmsy
-----END PGP SIGNATURE----- |
|
| Back to top |
|
|
krycheq
Guest
|
| Posted:
Wed Mar 09, 2005 4:47 am Post subject:
Re: Question regarding 802.1x |
|
|
Anthony Chavez wrote:
| Quote: | On Wed, 02 Mar 2005 16:32:16 -0700 Anthony Chavez <acc@anthonychavez.org> wrote:
FWIW, switch A is a Cisco 2924XL-EM
Sorry, make that a Cisco 2950-24, which acctually supports 802.1x. ;-)
As long as switch B can function as an authenticator, then yes, the |
solution should work fine. The intermediate switch doesn't see the EAP
at layer-2, only the access-switch see it so it isn't important whether
it supports 802.1x or not. That is one of the functions of the
authenticator... convert EAP at layer-2 to RADIUS (or another
unspecified protocol... the standard isn't specific) layer-3 traffic.
Of course you can attach as many stations as you have ports. I won't
answer for multiple stations per port... it can be done, but it makes
ugliness.
As far as NICs go... almost any modern nic will be fine... it's the
supplicant software that makes all the difference.
Scott |
|
| Back to top |
|
|
krycheq
Guest
|
| Posted:
Wed Mar 09, 2005 4:48 am Post subject:
Re: Question regarding 802.1x |
|
|
Anthony Chavez wrote:
| Quote: | On Wed, 02 Mar 2005 16:32:16 -0700 Anthony Chavez <acc@anthonychavez.org> wrote:
FWIW, switch A is a Cisco 2924XL-EM
Sorry, make that a Cisco 2950-24, which acctually supports 802.1x. ;-)
As long as switch B can function as an authenticator, then yes, the |
solution should work fine. The intermediate switch doesn't see the EAP
at layer-2, only the access-switch see it so it isn't important whether
it supports 802.1x or not. That is one of the functions of the
authenticator... convert EAP at layer-2 to RADIUS (or another
unspecified protocol... the standard isn't specific) layer-3 traffic.
Of course you can attach as many stations as you have ports. I won't
answer for multiple stations per port... it can be done, but it makes
ugliness.
As far as NICs go... almost any modern nic will be fine... it's the
supplicant software that makes all the difference.
Scott |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in