Control direction, Eap over lans, Eapol frame format – H3C Technologies H3C WX6000 Series Access Controllers User Manual

35-3

Figure 35-2 Authorized/unauthorized state of a controlled port

You can control the port authorization status of a port by setting port authorization mode to one of the

following three:

Force-Authorized: Places the port in authorized state, allowing users of the port to access the

network without authentication.

Force-Unauthorized: Places the port in unauthorized state, denying any access requests from

users of the port.

Auto: Places the port in the unauthorized state initially to allow only EAPOL packets to pass, and

turns the port into the authorized state to allow access to the network after the users pass

authentication. This is the most common choice.

Control direction

In the unauthorized state, the controlled port can be set to deny traffic to and from the client or just the

traffic from the client.

Currently, your device can only be set to deny traffic from the client.

EAP over LANs

EAPOL frame format

EAPOL, defined in 802.1X, is intended to carry EAP protocol packets between clients and devices over

LANs.

Figure 35-3

shows the EAPOL frame format.