Unauthenticated supplicant traffic – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual
Page 1122

Authentication Introduction and Configuration
Software Reference for x310 Series Switches
42.26
AlliedWare Plus
TM
Operating System - Version 5.4.4C
C613-50046-01 REV A
Unauthenticated Supplicant Traffic
When any authentication is configured on a switch port, the question arises as to what the
switch does with packets that arrive into the switch port from unauthenticated
supplicants.
Unauthenticated supplicants fall into three categories listed below:
■
Newly attached supplicants, which are still in the process of their first authentication
attempt
■
Supplicants that have made an authentication attempt, but have failed
authentication
■
Supplicants that have been attached, but have not made an authentication attempt.
For example, on a port that has only 802.1X authentication enabled, any supplicant
that has no 802.1X client software will not be able to attempt 802.1X authentication.
In switches that are running the AlliedWare Plus
TM
Operating System, packets from all
these three categories of unathenticated supplicants are treated equally; no distinction is
made between these three categories. The treatment of the traffic from unauthenticated
supplicants does, however, depend on two factors:
■
Whether a Guest VLAN has been configured on the switch port to which the
supplicant is attached
■
Whether Web authentication has been configured on the switch port to which the
supplicant is attached
The rules governing the treatment of packets from unauthenticated supplicants are laid
out in the table below: