Configuration; Ieee 802.1X Overview; System Architecture - 3Com 400 Family Configuration Manual

Hide thumbs

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

Table of Contents

IEEE 802.1X Overview

802.1X System

Architecture

802.1X C

ONFIGURATION

This chapter covers the following topics:

IEEE 802.1X Overview

■

Configuring 802.1X

■

AAA and RADIUS Protocol Configuration

■

For information on setting up a RADIUS server and RADIUS client refer to

Appendix

For details on how to authenticate the Switch 4500 with a Cisco Secure ACS

server with TACACS+, refer to

IEEE 802.1X (hereinafter simplified as 802.1X) is a port-based network access

control protocol that is used as the standard for LAN user access authentication.

In the LANs complying with the IEEE 802 standards, the user can access the

devices and share the resources in the LAN through connecting the LAN access

control device like the LAN Switch. However, in telecom access, commercial LAN

(a typical example is the LAN in the office building) and mobile office and so on,

the LAN providers generally hope to control the user's access. In these cases, the

requirement on the above-mentioned "Port Based Network Access Control"

originates.

As the name implies, "Port Based Network Access Control" means to authenticate

and control all the accessed devices on the port of LAN access control device. If

the user's device connected to the port can pass the authentication, the user can

access the resources in the LAN. Otherwise, the user cannot access the resources

in the LAN. It equals that the user is physically disconnected.

802.1X defines port based network access control protocol and only defines the

point-to-point connection between the access device and the access port. The

port can be either physical or logical. The typical application environment is as

follows: Each physical port of the LAN Switch only connects to one user

workstation (based on the physical port) and the wireless LAN access environment

defined by the IEEE 802.11 standard (based on the logical port), etc.

The system using the 802.1X is the typical C/S (Client/Server) system architecture.

It contains three entities, which are illustrated in the following figure: Supplicant

System (User), Authenticator System and Authentication Server System.

The LAN access control device needs to provide the Authenticator System of

802.1X. The devices at the user side such as the computers need to be installed

with the 802.1X client Supplicant (User) software, for example, the 802.1X client

Appendix

Table of Contents

Configuration; Ieee 802.1X Overview; System Architecture - 3Com 400 Family Configuration Manual

IEEE 802.1X Overview

Troubleshooting

Related Manuals for 3Com 400 Family

Related Content for 3Com 400 Family

Table of Contents