802.1X Authentication Process - Huawei Quidway S3500 Series Operation Manual

Operation Manual - Security
Quidway S3500 Series Ethernet Switches
LANs) frame defined by IEEE 802.1x. Authentication data is encapsulated in the EAP
frame, which is in turn encapsulated in the packets of an upper-layer AAA protocol
(e.g. RADIUS) so that it can cross a complex network and reach the Authentication
Server. This procedure is called EAP Relay.
The Authenticator has two types of ports: the Uncontrolled Port and the Controlled
Port. The Uncontrolled Port is always in a bi-directional connection state. The user
can access and share the network resources at any time through the ports.
The Controlled Port enters the connected state only after the user passes
authentication. Only then is the user allowed to access the network resources.
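Figure 1-1 802.1x system architecture (diagram omitted; it shows the Supplicant
System connected over the LAN by EAPoL to the Authenticator System, which contains
the Authenticator PAE, the Controlled Port (shown unauthorized) and the Uncontrolled
Port, and the Authentication Server System, reached by EAP protocol exchanges
carried in a higher layer protocol)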

1.1.3 802.1x Authentication Process

802.1x uses EAP frames to carry the authentication information. The standard
defines the following types of EAP frames:
EAP-Packet: Authentication information frame, used to carry the authentication information.
EAPoL-Start: Authentication originating frame, actively originated by the Supplicant.
EAPoL-Logoff: Logoff request frame, actively terminating the authenticated state.
EAPoL-Key: Key information frame, used to support encryption of the EAP packets.
EAPoL-Encapsulated-ASF-Alert: Supports the alerting messages of the Alert Standard Forum (ASF).
The EAPoL-Start, EAPoL-Logoff and EAPoL-Key frames exist only between the Supplicant
and the Authenticator. The EAP-Packet information is re-encapsulated by the
Authenticator System and then transmitted to the Authentication Server System. The
EAPoL-Encapsulated-ASF-Alert frame carries network management information and is
terminated by the Authenticator.
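The frame types listed above can be told apart from the 4-byte EAPoL header that follows the Ethernet header. The Python code below is an added example, not code from this manual or from Huawei; the EtherType 0x888E, the packet-type numbers 0 to 4, the header layout and the PAE group address are taken from the IEEE 802.1X standard rather than from this page, and the function names and sample frames are constructed for illustration.

```python
import struct

EAPOL_ETHERTYPE = 0x888E  # EtherType of EAPoL (from IEEE 802.1X, not stated in the manual)

# Packet type -> (name, where the frame ends up, per the paragraph above)
EAPOL_TYPES = {
    0: ("EAP-Packet", "relay to Authentication Server"),
    1: ("EAPoL-Start", "local to Supplicant/Authenticator"),
    2: ("EAPoL-Logoff", "local to Supplicant/Authenticator"),
    3: ("EAPoL-Key", "local to Supplicant/Authenticator"),
    4: ("EAPoL-Encapsulated-ASF-Alert", "terminated by Authenticator"),
}


def classify_eapol(frame: bytes) -> dict:
    """Parse an untagged Ethernet II frame and describe its EAPoL header.

    Raises ValueError for anything that is not a well-formed EAPoL frame,
    so malformed input is rejected rather than guessed at.
    """
    if len(frame) < 18:  # 14-byte Ethernet header + 4-byte EAPoL header
        raise ValueError("frame too short for an EAPoL header")
    ethertype, = struct.unpack_from("!H", frame, 12)
    if ethertype != EAPOL_ETHERTYPE:
        raise ValueError(f"not EAPoL (EtherType 0x{ethertype:04x})")
    version, ptype, body_len = struct.unpack_from("!BBH", frame, 14)
    if ptype not in EAPOL_TYPES:
        raise ValueError(f"unknown EAPoL packet type {ptype}")
    body = frame[18:18 + body_len]  # slicing by length drops Ethernet padding
    if len(body) < body_len:
        raise ValueError("EAPoL body length exceeds captured frame")
    name, handling = EAPOL_TYPES[ptype]
    return {"version": version, "type": name, "handling": handling, "body": body}


def build_frame(ptype: int, body: bytes = b"", version: int = 1) -> bytes:
    """Build a constructed sample frame (made-up source MAC) for the demo."""
    dst = bytes.fromhex("0180c2000003")  # PAE group address (IEEE 802.1X)
    src = bytes.fromhex("020000000001")  # locally administered, constructed
    return dst + src + struct.pack("!HBBH", EAPOL_ETHERTYPE, version, ptype, len(body)) + body


if __name__ == "__main__":
    # Constructed EAP Response/Identity: code=2, id=1, length=9, type=1, "user"
    eap = struct.pack("!BBHB", 2, 1, 9, 1) + b"user"
    for f in (build_frame(1), build_frame(0, eap), build_frame(2)):
        info = classify_eapol(f)
        print(f"{info['type']:<12} v{info['version']} -> {info['handling']}")
```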
Huawei Technologies Proprietary
Chapter 1 802.1x Configuration
