Eap Over Radius - HPE FlexNetwork MSR Series Comware 5 Security Configuration Manual
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (861 pages) ,
- Comware 7 layer 3 - ip services configuration manuals (554 pages) ,
- Comware 5 layer 2 - wan access configuration manual (420 pages)
Table of Contents
Advertisement
•
Code—Type of the EAP packet. Options include Request (1), Response (2), Success (3), or
Failure (4).
•
Identifier—Used for matching Responses with Requests.
•
Length—Length (in bytes) of the EAP packet. The length is the sum of the Code, Identifier,
Length, and Data fields.
•
Data—Content of the EAP packet. This field appears only in a Request or Response EAP
packet. The Data field comprises the request type (or the response type) and the type data.
Type 1 (Identify) and type 4 (MD5-challenge) are two examples for the type field.
EAPOL packet format
Figure 36
shows the EAPOL packet format.
Figure 36 EAPOL packet format
0
Protocol version
•
PAE Ethernet type—Protocol type. It takes the value 0x888E for EAPOL.
•
Protocol version—The EAPOL protocol version used by the EAPOL packet sender.
•
Type—Type of the EAPOL packet.
Hewlett Packard Enterprise implementation of 802.1X.
Table 7 Types of EAPOL packets
Value
0x00
0x01
0x02
•
Length—Data length in bytes, or length of the Packet body. If packet type is EAPOL-Start or
EAPOL-Logoff, this field is set to 0, and no Packet body field follows.
•
Packet body—Content of the packet. When the EAPOL packet type is EAP-Packet, the Packet
body field contains an EAP packet.
EAP over RADIUS
RADIUS adds two attributes, EAP-Message and Message-Authenticator, for supporting EAP
authentication. For the RADIUS packet format, see "Configuring AAA."
EAP-Message
RADIUS encapsulates EAP packets in the EAP-Message attribute, as shown in
field takes 79, and the Value field can be up to 253 bytes. If an EAP packet is longer than 253 bytes,
RADIUS encapsulates it in multiple EAP-Message attributes.
7
PAE Ethernet type
Type
Length
Packet body
Type
EAP-Packet
EAPOL-Start
EAPOL-Logoff
15
2
4
6
N
Table 7
lists the types of EAPOL packets supported by
Description
The client and the network access device uses EAP-Packets to
transport authentication information.
The client sends an EAPOL-Start message to initiate 802.1X
authentication to the network access device.
The client sends an EAPOL-Logoff message to tell the network
access device that it is logging off.
80
Figure
37. The Type
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the FlexNetwork MSR Series and is the answer not in the manual?