Chapter 1 802.1X Configuration; Introduction To 802.1X; Architecture Of 802.1X Authentication - Huawei Quidway S3900 Series Operation Manual
Hide thumbs
Also See for Quidway S3900 Series:
- Specifications (9 pages) ,
- Installation manual (95 pages) ,
- Command manual (1159 pages)
Table of Contents
Advertisement
Operation Manual – 802.1x
Quidway S3900 Series Ethernet Switches-Release 1510
Chapter 1 802.1x Configuration
1.1 Introduction to 802.1x
The 802.1x protocol (802.1x for short) was developed by IEEE802 LAN/WAN
committee to address security issues of wireless LANs. It was then used in Ethernet as
a common access control mechanism for LAN ports to address mainly authentication
and security problems.
802.1x is a port-based network access control protocol. It authenticates and controls
devices requesting for access in terms of the ports of LAN access control devices. With
the 802.1x protocol employed, a user-side device can access the LAN only when it
passes the authentication. Those failing to pass the authentication are denied when
accessing the LAN, as if they are disconnected from the LAN.
1.1.1 Architecture of 802.1x Authentication
802.1x adopts a client/server architecture with three entities: a supplicant system, an
authenticator system, and an authentication server system, as shown in the following
figure.
Supplicant system
Supplicant system
Supplicant system
Supplicant system
Supplicant PAE
Supplicant PAE
Supplicant PAE
Supplicant PAE
Figure 1-1 Architecture of 802.1x authentication
The supplicant system is an entity residing at one end of the LAN segment and is
authenticated by the authenticator system connected to the other end of the LAN
segment. The supplicant system is usually a user terminal device. An 802.1x
authentication is initiated when a user launches client program on the supplicant
system. Note that the client program must support the EAPoL (extensible
authentication protocol over LANs).
Authenticator system
Authenticator system
Authenticator system
Authenticator system
Servic es pr ovided by
Servic es pr ovided by
Servic es pr ovided by
Servic es pr ovided by
authenticat or
authenticat or
authenticat or
authenticat or
Port not authorized
Port not authorized
Port not authorized
Port not authorized
Controlled port
Controlled port
Port under
Port under
control
control
LAN/WLAN
LAN/WLAN
LAN/WLAN
LAN/WLAN
Huawei Technologies Proprietary
1-1
Chapter 1 802.1x Configuration
Authenticat or PAE
Authenticat or PAE
Authenticat or PAE
Authenticat or PAE
Port not
Port not
Uncontrolled
Uncontrolled
Under
Under
port
port
control
control
Authentication
Authentication
Authentication
Authentication
server system
server system
server system
server system
Authentication
Authentication
Authentication
Authentication
server
server
server
server
- Quick Links:
- Switch Models
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
