Eap Over Lans - HP 4800G Series Configuration Manual

Authorized state and unauthorized state
The device uses the authentication server to authenticate a client trying to access the LAN and controls
the status of the controlled port depending on the authentication result, putting the controlled port in the
authorized state or unauthorized state, as shown in
Figure 1-2 Authorized/unauthorized status of a controlled port
You can set the access control mode of a specified port to control the authorization status. The access
control modes include:
authorized-force: Places the port in the authorized state, allowing users of the ports to access the
network without authentication.
unauthorized-force: Places the port in the unauthorized state, denying any access requests from
users of the ports.
auto: Places the port in the unauthorized state initially to allow only EAPOL frames to pass, and
turns the ports into the authorized state to allow access to the network after the users pass
authentication. This is the most common choice.
Control direction
In the unauthorized state, the controlled port can be set to deny traffic to and from the client or just the
traffic from the client.
Currently, your device can only be set to deny traffic from the client.

EAP over LANs

EAPOL frame format
EAPOL, defined in 802.1X, is intended to carry EAP protocol packets between clients and devices over
LANs. Figure 1-3 shows the EAPOL frame format.
Figure 1-2.
1-3