MNS-BB Software User Guide
-108-
2. The authenticator (Bridge/switch), upon receiving an EAPOL-start frame, sends a response
with an EAP-Request/Identity frame back to the supplicant. This will inform the supplicant
to give its identity.
3. The supplicant will then send back its own ID using an EAP-Response/Identity frame to the
authenticator. The authenticator will then relay this to the authentication server by
encapsulating the EAP frame on a RADIUS-Access-Request packet.
4. The RADIUS server will then send the authenticator a RADIUS-Access-Challenge packet.
The authenticator will relay this to challenge the supplicant using an EAP-Request frame.
This will inform the supplicant to pass all its credentials for authentication.
5. The supplicant will then send its credentials using an EAP-Response frame with which the
authenticator will relay using a RADIUS-Access-Request packet.
6. If the supplicant’s credentials are valid, a RADIUS-Access-Accept is sent to the
authenticator. The authenticator will then relay this on as an EAP-Success.
7. If the supplicant does not have the necessary credentials, a RADIUS-Access-Deny packet is
sent back and relayed to the supplicant as an EAP-Failure frame.
The MNS-BB Software implements the 802.1x authenticator. It fully conforms to the standards as
described in IEEE 802.1x, implementing all the state machines needed for port-based authentication.
The MNS-BB Software authenticator supports both EAPOL and EAP over RADIUS to communicate
to a standard 802.1x supplicant and RADIUS authentication server.
The MNS-BB Software authenticator has the following characteristics:
• Allow control on ports using STP-based hardware functions. EAPOL frames are STP-link
Bridge PDUs (BPDU) with its own bridge multicast address.
• Relays MD5 challenge (although not limited to) authentication protocol to RADIUS server
• Support 1 host per port authentication (limited to specification and hardware constraints)
• It supports the following management functions:
o IEEE 802.1x MIB for SNMP management
o Command Line Interface
o Web-management
21.4 CLI
CLI Commands to configure and perform 802.1x security feature.
Auth:
This command will take you to the command context of “auth” context,
Syntax: auth <enter>
LE2425A#auth
LE2425A(auth)##
show auth:
This command shows the current general authenticator global and port configuration.
To Next Page
Loading...
