Does a client machine have to have an IP address during EAP process?

35 pts.
Tags:
EAP
IP address
Does a client machine must have IP address on it before it is authenticated with 802.1x using EAP protocol?
0

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Discuss This Question: 7  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • TheRealRaven
    That's a basic research question about how EAP is handled over PPP and how PPP relates to TCP/IP. (Technically, it can also depend on exactly what networking hardware is involved.) Quite a bit of background info is needed to give and justify a correct answer.

    Since PPP is a "point-to-point protocol", it really only needs to depend on two directly attached devices with no absolute need for an internet protocol address. But that's not the end of the info. General implementations take various forms in particular environments.

    For a precise answer, please describe the problem "network" environment and the actual problem that you're trying to solve.
    33,610 pointsBadges:
    report
  • sqambera

    Thanks for your reply. I am actually simulating a scenario in which Windows machine is required to perform 802.1x authentication while trying to connect to wired and wireless network. The authentication server is the Cisco ISE server. So I am trying to know whether the Windows machine needs IP on it for EAP process to work or it does not?

    Thanks,

    Qamber


    35 pointsBadges:
    report
  • TheRealRaven
    Without detailed specs of all involved equipment, there's no way to be sure. Basic guess is "No." But so far you haven't described any problem. What is happening that you need help to solve?
    33,610 pointsBadges:
    report
  • sqambera
    So basically its just that I am trying to clarify my concept  theoretically about authentication through EAP. There is not really much equipment at this stage. However, I am assuming a scenario in which a Windows machine attempts 802.1x authentication using any EAP type and the authentication server is ISE.
    35 pointsBadges:
    report
  • TheRealRaven
    With properly configured ISE as authenticator, 802.11 is going to happen first as a natural course. Once that's established, ISE will be intermediate between client (via EAP) and your authentication server (via RADIUS). EAP requests are passed through ISE until authentication is valid.

    Then, access beyond ISE is allowed.

    But it's not quite what you asked. E.g., it's not clear if you mean to ask if a static IP address needs to be set before a client system can rely on EAP at all or if an address may be assigned via DHCP as with any other client system. In your general scenario, it shouldn't matter.

    It's not clear if you actually have a problem. So far, it just sounds like you need to do more reading and testing.
    33,610 pointsBadges:
    report
  • sqambera
    Many thanks for you answering all my questions. I really appreciate that. Could you please suggest an Internet link or book that could help to firm that understanding?
    35 pointsBadges:
    report
  • TheRealRaven
    For you, I'd say study the Cisco Wired 802.1X Deployment Guide. Use it to guide Google searches for elements you want to dig deeper into. There's no good way to direct an individual without some solid knowledge of the individual's experience/background and capabilities.
    33,610 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: