1. Manuals
  2. Brands
  3. Black Box Manuals
  4. Switch
  5. 12-Port 1000BASE-TX L2 Managed PoE Switch
  6. User manual

Black Box 12-Port 1000BASE-TX L2 Managed PoE Switch User Manual page 81

With 2 sfpdual media ports
Hide thumbs
Table of Contents

Advertisement

12-Port 1000BASE-TX L2 Managed PoE Switch with 2 SFP Dual Media Ports
The Fig. 4-3 shows the procedure of 802.1x authentication. There are steps for the login based on 802.1x port
access control management. The protocol used in the right side is EAPOL and the left side is EAP.
1. At the initial stage, the supplicant A is unauthenticated and a port on switch acting as an authenticator is in
unauthorized state. So the access is blocked in this stage.
2. Initiating a session. Either authenticator or supplicant can initiate the message exchange. If supplicant
initiates the process, it sends EAPOL-start packet to the authenticator PAE and authenticator will
immediately respond EAP-Request/Identity packet.
3. The authenticator always periodically sends EAP-Request/Identity to the supplicant for requesting the
identity it wants to be authenticated.
4. If the authenticator doesn't send EAP-Request/Identity, the supplicant will initiate EAPOL-Start the
process by sending to the authenticator.
5. And next, the Supplicant replies an EAP-Response/Identity to the authenticator. The authenticator will
embed the user ID into Radius-Access-Request command and send it to the authentication server for
confirming its identity.
6. After receiving the Radius-Access-Request, the authentication server sends Radius-Access-Challenge to the
supplicant for asking for inputting user password via the authenticator PAE.
7. The supplicant will convert user password into the credential information, perhaps, in MD5 format and
replies an EAP-Response with this credential information as well as the specified authentication algorithm
(MD5 or OTP) to Authentication server via the authenticator PAE. As per the value of the type field in
message PDU, the authentication server knows which algorithm should be applied to authenticate the
credential information, EAP-MD5 (Message Digest 5) or EAP-OTP (One Time Password) or other else
algorithm.
8. If user ID and password is correct, the authentication server will send a Radius-Access-Accept to the
authenticator. If not correct, the authentication server will send a Radius-Access-Reject.
78
C
Authenticator
B
Figure 4-2.
Authentication server
Supplicant A

Advertisement

Table of Contents
loading

Related Manuals for Black Box 12-Port 1000BASE-TX L2 Managed PoE Switch

Related Products for Black Box 12-Port 1000BASE-TX L2 Managed PoE Switch

Table of Contents