3Com 4500 PWR 26-Port Configuration Manual page 346
Hide thumbs
Also See for 4500 PWR 26-Port:
- Manual (942 pages) ,
- Configuration manual (870 pages) ,
- Getting started manual (128 pages)
Table of Contents
Advertisement
Figure 28-1 Architecture of 802.1x authentication
The supplicant system is an entity residing at one end of a LAN segment and is authenticated by
the authenticator system at the other end of the LAN segment. The supplicant system is usually a
user terminal device. An 802.1x authentication is triggered when a user laun
the supplicant system. Note that the client program must support the extensible authentication
protocol over LAN (EAPoL).
The authenticator system is another entity residing at one end of a LAN segment. It authenticates
the connected supplicant systems. The authenti
network device (such as a 3Com series switch). It provides the port (physical or logical) for the
supplicant system to access the LAN.
The authentication se
authenticator system. Normally in the form of a RADIUS server, the authentication server system
serves to perform Authentication, Authorization, and Accounting (AAA) services to users. It also
stores user information, such as user name, password, the VLAN a user belongs to, priority, and
the Access Control Lists (ACLs) appli
The four basic concepts related to the above three entities are PAE, controlled port and uncontrolled
port, the valid direction of a controlled port and the way a port is controlled.
PAE
A po
rt access entity (PAE) is responsible for implementing algorithms and performing protocol-
op rations in the authentication mechanism.
e
The authenticator system PAE authenticates the supplicant systems when they log into the LAN
and controls the status (authorized/unauthorized) of the controlled ports according to the
authentication result.
The supplicant system PAE respo
authenticator system and submits user authentication information to the authenticator system. It
also sends authentication requests and disconnection requests to the authenticator system PAE.
C
ontrolled port and uncontrolled port
The authenticator system provi
kind is divided into a controlled port and an uncontrolled port.
The uncontrolled port can always send and receive packets. It mainly serv
packets to ensure that a supplicant system can send and receive authentication requests.
rver system is an entity that provides authentication service to the
ed.
nds to the authentication requests received from the
des ports for supplicant systems to access a LAN. Logically, a port of this
28-2
cator system is usually an 802.1x-supported
ches client program on
related
es to forward EAPoL
- Quick Links:
- User Control
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
