Specifications
What is the difference between Transparent 802.1x and Internal 802.1x authentication on
the BSC?
Transparent 802.1x
-Supports the following EAP types.
-EAP-TLS
-TTLS
-PEAP
-Cisco-LEAP
-MD5
-Supports machine authentication.
-Required to apply group policy, run login scripts, and allow logins by non-cached domain users.
-Access points send RADIUS requests to RADIUS server.
-Requires certificate installed on RADIUS server.
Internal 802.1x
-Supports the following EAP types.
-TTLS
-PEAP
-FAST
-Does NOT support machine authentication.
-Can't apply group policy, run login scripts and non-cached domain users will not be able to
login.
-Access points send RADIUS requests to BSC. BSC is the RADIUS server and terminates EAP.
-BSC can authenticate user against local user database.
-Proxy inner method (i.e. PAP, CHAP, MSCHAP, MSCHAPv2) to external RADIUS server.
-*Authenticate user directly against LDAP server if LDAP server has readable attribute
containing the MD4 hash of the user's password.
*Microsoft Active Directory does NOT have a readable attribute containing the MD4 hash of the
users password and therefore authenticating directly against MS AD is NOT supported. Use IAS
or NPS with MS AD.
-Leverages certificate already installed on BSC.
-Allows you to support 802.1x authentication without deploying a RADIUS server(Local User
DB/LDAP) or with a RADIUS server that doesn't support EAP.
What is the IP address of the protected/managed/admin interfaces of a default configuration of the
BSC?
Protected
By default the protected interface will obtain an IP address via DHCP. If there is no DHCP server on the
protected network the protected interface will fall back to 192.168.130.1/24. The protected interface ip
address is displayed on the LCD.
Managed