Generic Terms Used In 802.1X - Alcatel-Lucent OmniAccess 700 Cli Configuration Manual
Release versions: 2.2, 2.2-r02, 2.3
Hide thumbs
Also See for OmniAccess 700:
- Brochure (2 pages) ,
- Getting started manual (25 pages) ,
- User manual (359 pages)
Table of Contents
Advertisement
G
ENERIC TERMS USED IN
Supplicant
An entity at one end of a point-to-point LAN segment that seeks to be
authenticated by an Authenticator attached to the other end of the link. The
supplicant is sometimes called as 802.1X client.
Authenticator
An Entity at one end of a point-to-point LAN segment that facilitates authentication
of the entity attached to the other end of that link.
Authentication Server
An entity that provides an authentication service to an authenticator. This service
determines from the credentials provided by the supplicant whether the supplicant
is authorized to access the services provided by the OA-700 in which the
Authenticator resides. The example of the authentication servers: RADIUS server.
TACACS Server, etc.
EAPOL
The protocol in 802.1X is called EAP encapsulation over LANs (EAPOL). 802.1X
is a standard for passing EAP over a wired LAN. It packages EAP messages in
Ethernet frames.
The following is the communications among Supplicant, Authenticator, and
Authentication Server.
•
The authenticator sends an "EAP-Request/Identity" packet to the supplicant as
soon as it detects that the link is active.
•
The supplicant sends an "EAP-Response/Identity" packet to the authenticator,
which is then passed on to the authentication (RADIUS) server.
•
The authentication server sends back a challenge to the authenticator, such as
with a token password system. The authenticator unpacks this from RADIUS
packet and repackages it into EAPOL and sends it back to the supplicant.
Different authentication methods will vary this message and the total number of
messages.
•
The supplicant responds to the challenge via the authenticator and passes the
response onto the authentication server.
•
If the supplicant provides proper identity, the authentication server responds with
a success message, which is then passed onto the supplicant. The authenticator
now allows access to the LAN.
CLI Configuration Guide
Beta
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
802.1X
Alcatel-Lucent
802.1X Overview
207
Beta
Advertisement
Table of Contents
Troubleshooting
