The question asks which EAP (Extensible Authentication Protocol) methods are supported when configuring the 802.1Xsupplicantfeature on an AOS-CX switch (i.e., the switch acting as the client authenticating to another device).
AOS-CX 802.1X Supplicant:Allows the switch itself to authenticate using 802.1X.
Supported EAP Methods:Switch implementations typically support a subset of common EAP methods for the supplicant role. Secure methods are preferred. AOS-CX documentation for the dot1x supplicant eap-method command typically lists supported types. Common secure methods found in documentation include EAP-TLS and EAP-PEAP (usually with MSCHAPv2). EAP-MD5 is often supported but insecure.
Analysis of Options (Select Two):
A. EAP-TLS: A secure, certificate-based method commonly supported by enterprise supplicants. Likely supported.
B. EAP-TTLS: Another secure tunneled method, but PEAP is sometimes more common in switch supplicants. Support needs verification in specific AOS-CX docs.
C. EAP-MD5: Simple challenge-response, but insecure. Often supported for legacy reasons.
D. EAP-PEAP: Secure tunneled method using server-side certificate and typically username/password (MSCHAPv2) inside. Commonly supported.
E. EAP-TEAP: A newer tunneled method, less likely to be supported than PEAP/TLS in switch supplicants.
Conclusion:Based on typical enterprise requirements and likely AOS-CX capabilities documented for the supplicant feature, the secure methods EAP-TLS(A) and EAP-PEAP (D) are the most probable supported options among the choices.
[References:AOS-CX Security Guide (802.1X Supplicant configuration, supported EAP methods). This relates to "Security" (10%) and "Authentication/Authorization" (9%)., ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit