•
Divide system functionality between supplicants (user machines), authenticators, and
authentication servers. Authenticators live in edge switches. They shuffle messages and tell the
switch when to grant or deny access, but do not validate logins. User validation is the job of
authentication servers. This separation of functions allows network managers to put
authentication servers on central servers.
•
Use the EAPOL protocol to communicate between the authenticator and the supplicant. EAPOL
is an encapsulation of EAP (the Extensible Authentication Protocol defined in RFC 2284),
which includes extra data fields within a LAN frame. Note that EAPOL does not allow routing.
•
Use EAP to communicate between the authenticator and the authentication server. The specific
protocol that runs between these components (e.g., RADIUS-encapsulated EAP) is not specified
and is implementation-dependent.
9.2
SECURITY MENU SCREEN
Screen Navigation Path
Password > Main Menu > Security Menu
When to Use
To access the Security Configuration, Port Authentication, and Policy Override Configuration
screens.
How to Access
Use the arrow keys to highlight the Security Menu item on the Main Menu screen and press
ENTER. The Security Menu screen,
Figure
9-1, displays.
Security Menu Screen
Security Menu Screens
9-3