Guidelines and Limitations for EAP-TLS Authentication
The EAP-TLS authentication has the following guidelines and limitations:
-
The IOS-XR software supports 802.1X only on physical ports (Ethernet interfaces).
-
The IOS-XR software supports only EAP-TLS authentication method.
-
802.1X Port-based authentication is used only to derive keys for MKA, and does not perform port control.
-
The IOS-XR software supports both the PAE roles, as an authenticator and a supplicant.
-
The IOS-XR software as an authenticator supports Remote EAP authentication using RADIUS as EAP transport.
-
The IOS-XR software supports only single-host mode, and not multi-host mode.