NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
How can I tell whether a switch (GS108Tv2) supports EAP-TLS?
Hi everyone, I need to test a 802.1X supplicant which uses specificically the EAP-TLS protocol to communicate between the device and the switch. How can I tell whether a particular switch support...
According to this tutorial
EAP-TLS should work on GS108Tv2 (and other switches from the same cathegory) if you do a firmware update.
I know that the switch won't be enough. But we have a requirement that we need to use this protocol (EAP-TLS). So my question is about this detail.
802.1X (Port Based Network Access Control) has defined the Extensible Authentication Protocol (EAP) over LAN (EAPoL). The switch (aka. authenticator) does just handle the basic EAP (on data link level, no IP) and pack/unpack the RADIUS Server communication in EAPoL and vice versa. Because this is transparent, it's extensible. As such it allows EAP negotiation to "any" authentication (like EAP-TLS) so it can be done between the supplicant and the RADIUS server. The switch (misleadingly named authenticator) does not have to care about the authentication method. For reference: EAP and EAPoL does exist since about 2004 (RFC3748) Over time, there was just one modification of the EAPoL protocol for use with MACsec (IEEE 802.1ae) and Initial Device Identity, IDevID (IEEE 802.1AR) in 802.1X-2010.
Get such a switch, the per port cost is well below 10 USD - it's a bargain to start and build your experience with this technology.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
