The Encapsulation Of Eapol Messages - Edge-Core ES4624-SFP Manual

EAP messages adopt EAPOL encapsulation format between the PAE of the
supplicant system and the PAE of the authenticator system in the environment
of LAN.
Between the PAE of the authenticator system and the RADIUS server, there are
two methods to exchange information: one method is that EAP messages adopt
EAPOR (EAP over RADIUS) encapsulation format in RADIUS protocol; the
other is that EAP messages terminate with the PAE of the authenticator system,
and adopt the messages containing RAP (Password Authentication Protocol) or
CHAP (Challenge Handshake Authentication Protocol) attributes to do the
authentication interaction with the RADIUS server.
When the user pass the authentication, the authentication server system will
send the relative information of the user to authenticator system, the PAE of the
authenticator system will decide the authenticated/unauthenticated status of the
controlled port according to the authentication result of the RADIUS server.

23.1.3 The Encapsulation of EAPOL Messages

1. The Format of EAPOL Data Packets
EAPOL is a kind of message encapsulation format defined in 802.1x protocol, and is
mainly used to transmit EAP messages between the supplicant system and the
authenticator system in order to allow the transmission of EAP messages through the
LAN. In IEEE 802/Ethernet LAN environment, the format of EAPOL packet is illustrated in
the next figure. The beginning of the EAPOL packet is the Type/Length domain in MAC
frames.
PAE Ethernet Type: Represents the type of the protocol whose value is 0x888E.
Fig 23-2 the Work Mechanism of 802.1x
Fig 23-3 the Format of EAPOL Data Packet
840