Huawei Quidway S5600 Series Operation Manual page 512
Hide thumbs
Also See for Quidway S5600 Series:
- Specifications (9 pages) ,
- Installation manual (73 pages)
Table of Contents
Advertisement
Operation Manual – 802.1x
Quidway S5600 Series Ethernet Switches-Release 1510
Supplicant
Supplicant
Supplicant
syst em
syst em
syst em
EAP-Response/MD5 Challenge
EAP-Response/MD5 Challenge
EAP-Response/MD5 Challenge
Figure 1-9 802.1x authentication procedure (in EAP terminating mode)
The authentication procedure in EAP terminating mode is the same as that in the EAP
relay mode except that the randomly-generated key in the EAP terminating mode is
generated by the switch, and that it is the switch that sends the user name, the
randomly-generated key, and the supplicant system-encrypted password to the
RADIUS server for further authentication.
1.1.5 802.1x Timer
In 802.1 x authentication, the following timers are used to ensure that the supplicant
system, the switch, and the RADIUS server interact in an orderly way:
Transmission timer (tx-period): This timer sets the tx-period and is triggered by
the switch in one of the following two cases: The first case is when the client
requests for authentication. The switch sends a unicast request/identity packet to
a supplicant system and then enables the transmission timer. The switch sends
EAPOL
EAPOL
EAPOL
EAPOL-Start
EAPOL-Start
EAPOL-Start
EAP-Request/Identity
EAP-Request/Identity
EAP-Request/Identity
EAP-Response/Identity
EAP-Response/Identity
EAP-Response/Identity
EAP-Request/MD5 Challenge
EAP-Request/MD5 Challenge
EAP-Request/MD5 Challenge
EAP-Success
EAP-Success
EAP-Success
Hands hake request pac ket
Hands hake request pac ket
Hands hake request pac ket
[EAP-Request/Identity]
[EAP-Request/Identity]
[EAP-Request/Identity]
Hands hake reply pac ket
Hands hake reply pac ket
Hands hake reply pac ket
[EAP-Response/Identity]
[EAP-Response/Identity]
[EAP-Response/Identity]
......
......
......
EAPOL-Logoff
EAPOL-Logoff
EAPOL-Logoff
Huawei Technologies Proprietary
RADIUS
RADIUS
RADIUS
Switc h
Switc h
Switc h
RADIUS Access-Reque
RADIUS Access-Reque
RADIUS Access-Reque
(CHAP-Response/MD5 Chal
(CHAP-Response/MD5 Chal
(CHAP-Response/MD5 Chal
RADIUS Access-Acce
RADIUS Access-Acce
RADIUS Access-Acce
(CHAP-Success)
(CHAP-Success)
(CHAP-Success)
Port acc ept ed
Port acc ept ed
Port acc ept ed
Hands hake ti mer ti me out
Hands hake ti mer ti me out
Hands hake ti mer ti me out
Port reject ed
Port reject ed
Port reject ed
1-9
Chapter 1 802.1x Configuration
RADIUS ser ver
RADIUS ser ver
RADIUS ser ver
st
st
st
lenge)
lenge)
lenge)
pt
pt
pt
- Quick Links:
- Chapter 3 Product Overview
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
