QTECH QSW-2800 Configuration Guide (User Manual)

+7(495) 797-3311 www.qtech.ru
Moscow, Novozavodskaya St., 18, bldg. 1

3. Controlled direction

In unauthenticated status, controlled ports can be set as unidirectionally controlled or bi-directionally controlled.

When the port is bi-directionally controlled, the sending and receiving of all frames is forbidden.

When the port is unidirectionally controlled, no frames can be received from the supplicant systems, while sending frames to the supplicant systems is allowed.

Notes: At present, this kind of switch only supports unidirectional control.

38.1.2 The Work Mechanism of 802.1x

The IEEE 802.1x authentication system uses EAP (Extensible Authentication Protocol) to exchange authentication information between the supplicant system, the authenticator system and the authentication server system.

The Work Mechanism of 802.1x

On a LAN, EAP messages between the PAE of the supplicant system and the PAE of the authenticator system use the EAPOL encapsulation format.

Between the PAE of the authenticator system and the RADIUS server, there are two methods of exchanging information. In the first, EAP messages are carried in the RADIUS protocol using the EAPOR (EAP over RADIUS) encapsulation format. In the second, EAP messages terminate at the PAE of the authenticator system, which then uses messages containing PAP (Password Authentication Protocol) or CHAP (Challenge Handshake Authentication Protocol) attributes to carry out the authentication exchange with the RADIUS server.
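The following added example (not taken from the QTECH manual or firmware) parses an EAPOL frame as the authenticator PAE receives it and re-wraps the inner EAP message for the EAPOR relay method. The EtherType, header layout and attribute number come from IEEE 802.1X and RFC 3579 rather than from this page; the function names and the sample frame are constructed for illustration.

```python
import struct

EAPOL_ETHERTYPE = 0x888E   # IEEE 802.1X EtherType (assumption: not stated on this page)
EAPOL_TYPES = {0: "EAP-Packet", 1: "EAPOL-Start", 2: "EAPOL-Logoff", 3: "EAPOL-Key"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
RADIUS_EAP_MESSAGE = 79    # RFC 3579 EAP-Message attribute type

def parse_eapol(frame: bytes) -> dict:
    """Parse an untagged Ethernet frame carrying EAPOL; ValueError if malformed."""
    if len(frame) < 18:
        raise ValueError("too short for Ethernet + EAPOL headers")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != EAPOL_ETHERTYPE:
        raise ValueError("not an EAPOL frame")
    version, ptype, body_len = struct.unpack("!BBH", frame[14:18])
    body = frame[18:18 + body_len]   # bytes past body_len are Ethernet padding
    if len(body) != body_len:
        raise ValueError("EAPOL body shorter than its length field")
    out = {"src": frame[6:12].hex(":"), "version": version,
           "type": EAPOL_TYPES.get(ptype, "unknown"), "eap": None}
    if ptype == 0:                   # EAP-Packet: body is one EAP message
        if body_len < 4:
            raise ValueError("EAP header truncated")
        code, ident, eap_len = struct.unpack("!BBH", body[:4])
        if not 4 <= eap_len <= body_len:
            raise ValueError("EAP length field inconsistent with EAPOL body")
        out["eap"] = {"code": EAP_CODES.get(code, "unknown"), "id": ident,
                      "raw": body[:eap_len]}
    return out

def to_radius_eap_message(eap: bytes) -> bytes:
    """Relay mode: wrap an EAP message in RADIUS EAP-Message attributes.
    A RADIUS attribute value holds at most 253 bytes, so long messages are split."""
    attrs = b""
    for i in range(0, len(eap), 253):
        chunk = eap[i:i + 253]
        attrs += struct.pack("!BB", RADIUS_EAP_MESSAGE, len(chunk) + 2) + chunk
    return attrs

# Constructed sample: EAP-Response/Identity "alice" sent to the PAE group address.
SAMPLE = bytes.fromhex("0180c2000003" "020000000001" "888e" "0100000a"
                       "0201000a01") + b"alice"

if __name__ == "__main__":
    pkt = parse_eapol(SAMPLE)
    print(pkt["src"], pkt["type"], pkt["eap"]["code"], pkt["eap"]["raw"][5:])
    print(to_radius_eap_message(pkt["eap"]["raw"]).hex())
```

An Access-Request that carries EAP-Message attributes must also include a Message-Authenticator attribute (RFC 3579), which this example leaves out.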

When the user passes authentication, the authentication server system sends the user's relevant information to the authenticator system, and the PAE of the authenticator system sets the controlled port to authenticated or unauthenticated status according to the authentication result from the RADIUS server.

38.1.3 The Encapsulation of EAPOL Messages

1. The Format of EAPOL Data Packets

EAPOL is a message encapsulation format defined in the 802.1x protocol. It is mainly used to transmit EAP messages between the supplicant system and the authenticator system, so that EAP messages can be carried over the LAN. In IEEE 802/Ethernet