Security

Reply
Aruba Employee
Posts: 1
Registered: ‎03-18-2013

tacase supported EAP/802.1x?

Hi Experts,

 

As i know EAP/802.1x only supported on radius protocol not TACACS. is it correct?

 

 

PS. I heard from someone cisco can do dot1x with TACACS.

anyone can confirm?

 

regards,

 

 

 

Aruba Employee
Posts: 390
Registered: ‎11-04-2011

Re: tacase supported EAP/802.1x?

Hi,

 

To answer this question, it is important to separate EAP/802.1x and its authentication methods.

 

EAP has several authentication methods, where MSCHAPv2, TLS and GTC are the most widely used.

 

MSCHAPv2 uses a challenge response mechanism to validate the user password, TLS uses certificates to validate the user's password and GTC can use a variety of mechanisms to validate the user credentials.

 

TACACS should work with TLS and GTC, it will probably not work with MSCHAPv2 as the challenge response mechanism requires knowledge of the password at both server and client.

 

So you could respond that EAP/802.1x is supported with TACACS+, as long as you don't expect it to work woth all authentication methods. If you leave away the 'under conditions', it will work also in ClearPass.

 

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC.
Search Airheads
Showing results for 
Search instead for 
Did you mean: