Implementing 802.1x for User VLAN Assignment | CompTIA Security+ Exam SY0-601

Which Protocol to Use for Implementing 802.1x User VLAN Assignment?


Question

A system administrator needs to implement 802.1x whereby when a user logs into the network, the authentication server communicates to the network switch and assigns the user to the proper VLAN.

Which of the following protocols should be used?

Answers

Explanations


A. B. C. D.

A.

The correct answer is A. RADIUS.

802.1x is an IEEE standard for port-based network access control (NAC). It provides an authentication mechanism to devices trying to connect to a network and controls access to the network based on the identity of the user and the device they are using.

When a user logs in, the authentication server communicates with the network switch to determine the user's identity and to assign the user to the proper VLAN. To achieve this, the switch must support 802.1x and be configured to use a protocol that supports dynamic VLAN assignment.

RADIUS (Remote Authentication Dial-In User Service) is the most commonly used protocol for 802.1x authentication. It is an industry-standard protocol for AAA (Authentication, Authorization, and Accounting) services. RADIUS uses UDP to communicate between the network access server (NAS) and the RADIUS server.

When a user connects to the network, the NAS (in this case, the network switch) sends an Access-Request message to the RADIUS server containing the user's credentials. The RADIUS server then validates the credentials and sends an Access-Accept or Access-Reject message to the NAS. If the user is authenticated, the RADIUS server can also include information about the user's VLAN assignment in the Access-Accept message.
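The Access-Accept described above, as an added example that is not part of the original page: it shows the switch side checking the reply's Response Authenticator (RFC 2865) and then reading the three tunnel attributes RFC 3580 defines for VLAN assignment. The shared secret, Request Authenticator, packet identifier and VLAN 30 are constructed sample values, and the function names are hypothetical.

```python
import hashlib, hmac, struct

ACCESS_ACCEPT = 2
TUNNEL_TYPE, TUNNEL_MEDIUM_TYPE, TUNNEL_PRIVATE_GROUP_ID = 64, 65, 81
VLAN, IEEE_802 = (13).to_bytes(3, "big"), (6).to_bytes(3, "big")  # RFC 3580 values

def attr(attr_type, value):
    return bytes([attr_type, len(value) + 2]) + value

def response_auth(head, request_auth, attrs, secret):
    # RFC 2865: MD5(Code + ID + Length + Request Authenticator + Attributes + Secret)
    return hashlib.md5(head + request_auth + attrs + secret).digest()

def build_access_accept(ident, vlan_id, request_auth, secret):
    """Constructed sample reply, shaped as a RADIUS server would send it to the switch."""
    attrs = (attr(TUNNEL_TYPE, b"\x00" + VLAN) + attr(TUNNEL_MEDIUM_TYPE, b"\x00" + IEEE_802)
             + attr(TUNNEL_PRIVATE_GROUP_ID, str(vlan_id).encode()))
    head = struct.pack("!BBH", ACCESS_ACCEPT, ident, 20 + len(attrs))
    return head + response_auth(head, request_auth, attrs, secret) + attrs

def parse_attributes(packet, length):
    attrs, pos = {}, 20
    while pos < length:  # walk the type-length-value list after the 20-byte header
        if pos + 2 > length or packet[pos + 1] < 2 or pos + packet[pos + 1] > length:
            raise ValueError("malformed attribute")
        attrs[packet[pos]] = packet[pos + 2:pos + packet[pos + 1]]
        pos += packet[pos + 1]
    return attrs

def assigned_vlan(packet, request_auth, secret):
    """Return the VLAN ID to apply to the port, or None if the reply assigns none."""
    length = int.from_bytes(packet[2:4], "big")
    if not 20 <= length <= len(packet):
        raise ValueError("bad length field")
    expected = response_auth(packet[:4], request_auth, packet[20:length], secret)
    if not hmac.compare_digest(expected, packet[4:20]):
        raise ValueError("response authenticator mismatch")  # not from our server
    if packet[0] != ACCESS_ACCEPT:
        return None
    attrs = parse_attributes(packet, length)
    if (attrs.get(TUNNEL_TYPE, b"")[1:], attrs.get(TUNNEL_MEDIUM_TYPE, b"")[1:]) != (VLAN, IEEE_802):
        return None
    group = attrs.get(TUNNEL_PRIVATE_GROUP_ID, b"")
    if group and group[0] <= 0x1F:  # optional leading tag byte
        group = group[1:]
    return int(group) if group.isdigit() else None

SECRET, REQUEST_AUTH = b"example-shared-secret", bytes(range(16))  # constructed demo values
SAMPLE = build_access_accept(7, 30, REQUEST_AUTH, SECRET)
```

A reply whose authenticator does not match the shared secret is rejected before any attribute is read, so a forged or altered Access-Accept cannot move a port into another VLAN.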

Kerberos is a network authentication protocol that provides strong authentication for client/server applications. It is primarily used in Microsoft Active Directory environments. LDAP (Lightweight Directory Access Protocol) is a protocol used to access and manage directory information. MSCHAP (Microsoft Challenge Handshake Authentication Protocol) is an authentication protocol used in Microsoft networks.

While all of these protocols can be used for authentication, only RADIUS supports dynamic VLAN assignment, which is required for the scenario described in the question. Therefore, the correct answer is A. RADIUS.