
Understand the dot1x protocol and its three roles—supplicant, authenticator, and authentication server—and how radius and eap methods secure port access to prevent rogue access points.
Configure the switch for dot1x authentication with a dhcp server, radius server, and bridge settings, linking the switch to the router and testing with a mac-based client.
Configure dot1x on the router as the authentication server for 802.1x, using mac addresses as credentials, linking the router with the switch, and enabling ports 1812/1813 for IP allocation.
Configure dot1x authentication with username and password on MikroTik, using a switch and router as dot1x clients, creating accounts, and verifying IP assignment.
Dot1x (802.1x) is a protocol that does not have a lot of attention for many network engineers while it can secure your network from un-authorized access to it.
Fortunately, since RouterOS v 6.45.1, MikroTik has added Dot1x protocol on its Switches/Routers allowing everyone to use it. Since RouterOS v7, MikroTik has added Dot1x on the User Manager software to act as the Authentication server for the Dot1x supplicants, this has made me to decide making a course speaking in details about Dot1x and show how you can configure on MikroTik.
In this course, you need to have 3 MikroTik routers. I am going to use 2 Hap lite and 1 CRS3xx series switch. If you do not have a CRS3xx series, that's ok to replace it by another MikroTik router/switch.
I will explain to you what is dot1x and how it works, then I am going to show you how you can do dot1x authentication using MAC authentication and user accounts, and in the last part of the course I will show you how you can assign VLANs for authenticated machines.
Finally, if you want to understand everything about Dot1x and you want to know how to configure this protocol on MikroTik, all you need to do is to enroll in my course and by end of the course you will have a full understanding on this protocol and able to configure it easily on MikroTik products