The world is moving to a wireless edge as fast as it can. The devices we use every day don’t even have Ethernet ports any longer unless we buy an adapter to put on them. But that doesn’t mean that everything in the world is going to be wireless for the rest of time. The number of fixed devices that still require us to plug them in for dependable connectivity is more numerous than you might realize.
Securing these devices properly is of paramount importance to the operations teams. If we don’t find a way to keep those wired devices safe and ensure that they are only admitted to the network if properly verified, then we are going to be fighting a losing battle of keeping everyone and everything safe.
802.1X is the standard for authenticating users and devices in a networking environment. It’s easy enough to set up for wireless users but getting it working for wired devices has always been a bit of a challenge. Thankfully, people like Kevin Blackburn have been taking notes and doing the hard work for the rest of us. He’s written up a great way to get your Dot1X configuration going for Cisco wired devices. Here’s a great excerpt from the post:
Last thing to do before your switch will begin trying to authenticate users and devices with your radius server is to enable authentication on a port-level basis. You can do this on one command or use the interface range command to enable on multiple interfaces. There are two commands to accomplish this.
Make sure you check out his entire blog post for more info about how to make this happen in your environment. Read more at Basic Cisco Dot1X Setup Guide for Wired Authentication