X Timer - Huawei Quidway S3900 Series Operation Manual
Hide thumbs
Also See for Quidway S3900 Series:
- Specifications (9 pages) ,
- Installation manual (95 pages) ,
- Command manual (1159 pages)
Table of Contents
Advertisement
Operation Manual – 802.1x
Quidway S3900 Series Ethernet Switches-Release 1510
Supplicant
Supplicant
Supplicant
system
system
system
EAP-Response/MD5 Challenge
EAP-Response/MD5 Challenge
EAP-Response/MD5 Challenge
Figure 1-9 802.1x authentication procedure (in EAP terminating mode)
The authentication procedure in EAP terminating mode is the same as that in the EAP
relay mode except that the randomly-generated key in the EAP terminating mode is
generated by the switch, and that it is the switch that sends the user name, the
randomly-generated key, and the supplicant system-encrypted password to the
RADIUS server for further authentication.
1.1.5 802.1x Timer
In 802.1 x authentication, the following timers are used to ensure that the supplicant
system, the switch, and the RADIUS server interact in an orderly way:
Transmission timer (tx-period): This timer sets the tx-period and is triggered by
the switch in one of the following two cases: The first case is when the client
requests for authentication. The switch sends a unicast request/identity packet to
a supplicant system and then enables the transmission timer. The switch sends
EAPOL
EAPOL
EAPOL
EAPOL-Start
EAPOL-Start
EAPOL-Start
EAP-Request/Identity
EAP-Request/Identity
EAP-Request/Identity
EAP-Response/Identity
EAP-Response/Identity
EAP-Response/Identity
EAP-Request/MD5 Challenge
EAP-Request/MD5 Challenge
EAP-Request/MD5 Challenge
EAP-Success
EAP-Success
EAP-Success
Hands hake request pac ket
Hands hake request pac ket
Hands hake request pac ket
[EAP-Request/Identity]
[EAP-Request/Identity]
[EAP-Request/Identity]
Hands hake reply pac ket
Hands hake reply pac ket
Hands hake reply pac ket
[EAP-Response/Identity]
[EAP-Response/Identity]
[EAP-Response/Identity]
......
......
......
EAPOL-Logoff
EAPOL-Logoff
EAPOL-Logoff
Huawei Technologies Proprietary
RADIUS
RADIUS
RADIUS
Switc h
Switc h
Switc h
RADIUS Access-Request
RADIUS Access-Request
RADIUS Access-Request
(CHAP-Response/MD5 Challenge)
(CHAP-Response/MD5 Challenge)
(CHAP-Response/MD5 Challenge)
RADIUS Access-Accept
RADIUS Access-Accept
RADIUS Access-Accept
(CHAP-Success)
(CHAP-Success)
(CHAP-Success)
Port acc epted
Port acc epted
Port acc epted
Hands hake ti mer ti me out
Hands hake ti mer ti me out
Hands hake ti mer ti me out
Port reject ed
Port reject ed
Port reject ed
1-9
Chapter 1 802.1x Configuration
RADIUS ser ver
RADIUS ser ver
RADIUS ser ver
- Quick Links:
- Switch Models
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
