Figure 47. example of the authenticator role – Allied Telesis AT 8000/8POE User Manual

Chapter 13: 802.1x Network Access Control

178

Section I: Using the Menus Interface

EAPOL frames. All other frames, including multicast
and broadcast frames, are discarded. The
authentication process begins when the link state of
the port changes or the port receives an EAPOL-Start
packet from a supplicant. The switch requests the
identity of the client and begins relaying authentication
prompts between the client and the authentication
server. Each client that attempts to access the network
is uniquely identified by the switch using the client's
MAC address.



Force-unauthorized - Places the port in the
unauthorized state, ignoring all attempts by the client
to authenticate. This port control setting blocks all
users from accessing the network through the port and
is similar to disabling a port and can be used to secure
a port from use. The port continues to forward EAPOL
packets, but discards all other packets, including
multicast and broadcast packets.



Force-authorized - Disables IEEE 802.1x
authentication and causes the port to transition to the
authorized state without any authentication exchange
required. The port transmits and receives normal traffic
without 802.1x-based authentication of the client. This
is the default setting. Use this port control setting for
those ports where there are network devices that are
not to be authenticated.

Figure 47 illustrates the concept of the authenticator port control settings.

Figure 47. Example of the Authenticator Role