beautypg.com

Authentication server – Allied Telesis AT-S60 User Manual

Page 411

background image

Chapter 25: 802.1x Port-Based Access Control

Section III: Security Features

410

Authentication Server

The authentication server verifies the supplicant’s details passed to it by
the authenticator. This implementation of 802.1x control requires that a
port acting as an authenticator must communicate with a RADIUS
authentication server. The RADIUS server must be capable of receiving
and deciphering EAP in RADIUS packets. See Figure 143.

The supported encryption mechanisms for communication with the
RADIUS server are EAP-MD5.

For more information on RADIUS, refer to TACACS+ and RADIUS
Overview on page 396.

Figure 143 Authentication Messaging Exchange

8021X5

Port Unauthorised

EAPOL-Start

EAP-Request/Identity

EAP-Response/Identity

EAP-Request/OTP

EAP-Response/OTP

EAP-Success

Port Authorised

Authenticator PAE

Authentication Server

Supplicant PAE

EAPOL-Logoff

Port Unauthorised

Exchange of EAPOL frames

Excange of EAP frames carried
by RADIUS

See also other documents in the category Allied Telesis Computer hardware: