cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

What is the difference between Transparent 802.1X and Internal 802.1X authentication on the BSC?

What is the difference between Transparent 802.1X and Internal 802.1X authentication on the BSC?

Q: What is the difference between Transparent 802.1X and Internal 802.1X authentication on the BSC?

A: Transparent 802.1X

-Supports the following EAP types.

     -EAP-TLS

     -TTLS

     -PEAP

     -Cisco-LEAP

     -MD5

-Supports machine authentication.

-Required to apply group policy, run login scripts, and allow logins by non-cached domain users.

-Access points send RADIUS requests to RADIUS server. -Requires certificate installed on RADIUS server.

Internal 802.1X

-Supports the following EAP types.

     -TTLS

     -PEAP

     -FAST

-Does NOT support machine authentication.

-Can't apply group policy, run login scripts and non-cached domain users will not be able to login.

-Access points send RADIUS requests to BSC. BSC is the RADIUS server and terminates EAP.

-BSC can authenticate user against local user database.

-Proxy inner method (i.e. PAP, CHAP, MSCHAP, MSCHAPv2) to external RADIUS server.

-*Authenticate user directly against LDAP server if LDAP server has readable attribute containing the MD4 hash of the user's password.

*Microsoft Active Directory does NOT have a readable attribute containing the MD4 hash of the users password and therefore authenticating directly against MS AD is NOT supported. Use IAS or NPS with MS AD.

-Leverages certificate already installed on BSC.

-Allows you to support 802.1X authentication without deploying a RADIUS server(Local User DB/LDAP) or with a RADIUS server that doesn't support EAP.

Labels (1)
Version history
Revision #:
1 of 1
Last update:
‎09-05-2012 02:56 PM
Updated by:
 
Contributors