1. Manuals
  2. Brands
  3. TP-Link Manuals
  4. Switch
  5. JetStream TL-SL5428E
  6. User manual

TP-Link TL-SL5428E User Manual page 187

24-port 10/100mbps + 4-port gigabit jetstream l2 managed switch
Hide thumbs
Table of Contents

Advertisement

RADIUS Access-Challenge packet. The switch then sends the key to the 802.1X client
program.
5.
Upon receiving the key (encapsulated in an EAP-Request/MD5 Challenge packet) from the
switch, the client program encrypts the password of the supplicant system with the key and
sends the encrypted password (contained in an EAP-Response/MD5 Challenge packet) to
the RADIUS server through the switch. (The encryption is irreversible.)
6.
The RADIUS server compares the received encrypted password (contained in a RADIUS
Access-Request packet) with the locally-encrypted password. If the two match, it will then
send feedbacks (through a RADIUS Access-Accept packet and an EAP-Success packet) to
the switch to indicate that the supplicant system is authorized.
7.
The switch changes the state of the corresponding port to accepted state to allow the
supplicant system access the network. And then the switch will monitor the status of
supplicant by sending hand-shake packets periodically. By default, the switch will force the
supplicant to log off if it can not get the response from the supplicant for two times.
8.
The supplicant system can also terminate the authenticated state by sending EAPOL-Logoff
packets to the switch. The switch then changes the port state from accepted to rejected.
(2) EAP Terminating Mode
In this mode, packet transmission is terminated at authenticator systems and the EAP packets are
mapped into RADIUS packets. Authentication and accounting are accomplished through RADIUS
protocol.
In this mode, PAP or CHAP is employed between the switch and the RADIUS server. This switch
supports the PAP terminating mode. The authentication procedure of PAP is illustrated in the
following figure.
In PAP mode, the switch encrypts the password and sends the user name, the
randomly-generated key, and the supplicant system-encrypted password to the RADIUS server for
further authentication. Whereas the randomly-generated key in EAP-MD5 relay mode is generated
by the authentication server, and the switch is responsible to encapsulate the authentication
packet and forward it to the RADIUS server.
Figure 11-21 PAP Authentication Procedure
179

Advertisement

Table of Contents
loading

Related Manuals for TP-Link TL-SL5428E

Related Products for TP-Link TL-SL5428E

Table of Contents