Table of Contents
Advertisement
Operation Manual – 802.1x-System Guard
H3C S3100 Series Ethernet Switches
Chapter 1 802.1x Configuration
1.1 Introduction to 802.1x
The 802.1x protocol (802.1x for short) was developed by IEEE802 LAN/WAN
committee to address security issues of wireless LANs. It was then used in Ethernet as
a common access control mechanism for LAN ports to address mainly authentication
and security problems.
802.1x is a port-based network access control protocol. It authenticates and controls
devices requesting for access in terms of the ports of LAN access devices. With the
802.1x protocol employed, a user-side device can access the LAN only when it passes
the authentication. Those fail to pass the authentication are denied when accessing the
LAN.
1.1.1 Architecture of 802.1x Authentication
As shown in
supplicant system, an authenticator system, and an authentication server system.
Supplicant System
Supplicant PAE
Figure 1-1 Architecture of 802.1x authentication
The supplicant system is an entity residing at one end of a LAN segment and is
authenticated by the authenticator system at the other end of the LAN segment.
The supplicant system is usually a user terminal device. An 802.1x authentication
is triggered when a user launches client program on the supplicant system. Note
that the client program must support the extensible authentication protocol over
LAN (EAPoL).
Figure
1-1, 802.1x adopts a client/server architecture with three entities: a
Authenticator System
Services offered by
Authenticator's
System
Port
unauthorized
LAN/WLAN
Authenticator
PAE
EAP protocol
exchanges
carried in
higher layer
protocol
1-1
Chapter 1 802.1x Configuration
Authentication
Server System
Authentication
Server
Advertisement
Chapters
Table of Contents
Troubleshooting
