3Com Switch 4800G 24-Port Configuration Manual page 722
Switch 4800g family 24-port, pwr 24-port, 48-port, pwr 48-port, 24-port sfp
Hide thumbs
Also See for Switch 4800G 24-Port:
- Product manual (13 pages) ,
- Datasheet (8 pages) ,
- Configuration manual (27 pages)
Table of Contents
Advertisement
722
C
50: 802.1
HAPTER
X
n
C
ONFIGURATION
7 When receiving the EAP-Request/MD5 Challenge packet, the supplicant uses the
offered challenge to encrypt the password part (this process is not reversible),
creates an EAP-Response/MD5 Challenge packet, and then sends the packet to
the authenticator.
8 After receiving the EAP-Response/MD5 Challenge packet, the authenticator relays
the packet in a RADIUS Access-Request packet to the authentication server.
9 When receiving the RADIUS Access-Request packet, the RADIUS server compares
the password information encapsulated in the packet with that generated by
itself. If the two are identical, the authentication server considers the user valid
and sends to the authenticator a RADIUS Access-Accept packet.
10 Upon receiving the RADIUS Access-Accept packet, the authenticator opens the
port to grant the access request of the supplicant. After the supplicant gets online,
the authenticator periodically sends handshake requests to the supplicant to check
whether the supplicant is still online. By default, if two consecutive handshake
attempts end up with failure, the authenticator concludes that the supplicant has
gone offline and performs the necessary operations, guaranteeing that the
authenticator always knows when a supplicant goes offline.
11 The supplicant can also send an EAPOL-Logoff frame to the authenticator to go
offline unsolicitedly. In this case, the authenticator changes the status of the port
from authorized to unauthorized.
In EAP relay mode, a supplicant must use the same authentication method as that
of the RADIUS server, no matter whichever of the above mentioned authentication
methods is used. On the device, however, you only need to execute the dot1x
authentication-method eap command to enable EAP relay.
EAP termination
In EAP termination mode, EAP packets are terminated at the authenticator and
then repackaged into the PAP or CHAP attributes of RADIUS and transferred to the
RADIUS server for authentication, authorization, and accounting. Figure 218
shows the message exchange procedure with CHAP authentication.
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
