EasyManua.ls Logo

Dell Force10 S4810P - The Port-Authentication Process; 6 802.1 X

Dell Force10 S4810P
1144 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
88 | 802.1X
www.dell.com | support.dell.com
The authentication process involves three devices:
The device attempting to access the network is the supplicant. The supplicant is not allowed to
communicate on the network until the port is authorized by the authenticator. It can only communicate
with the authenticator in response to 802.1X requests.
The device with which the supplicant communicates is the authenticator. The authenicator is the gate
keeper of the network. It translates and forwards requests and responses between the authentication
server and the supplicant. The authenticator also changes the status of the port based on the results of
the authentication process. The Dell Force10 switch is the authenticator.
The authentication-server selects the authentication method, verifies the information provided by the
supplicant, and grants it network access privileges.
Ports can be in one of two states:
Ports are in an unauthorized state by default. In this state, non-802.1X traffic cannot be forwarded in
or out of the port.
The authenticator changes the port state to authorized if the server can authenticate the supplicant. In
this state, network traffic can be forwarded normally.
The Port-authentication Process
The authentication process begins when the authenticator senses that a link status has changed from down
to up:
*
Note: FTOS supports 802.1X with EAP-MD5, EAP-OTP, EAP-TLS, EAP-TTLS, PEAPv0, PEAPv1, and
MS-CHAPv2 with PEAP.
Note: The Dell Force10 switches place 802.1X-enabled ports in the unauthorized state by default.
Preamble
Start Frame
Delimiter
Destination MAC
(1:80:c2:00:00:03)
Source MAC
(Auth Port MAC)
Ethernet Type
(0x888e)
Protocol Version
(1)
Packet Type
EAPOL Frame
Length
Code
(0-4)
ID
(Seq Number)
EAP-Method Frame
Length
EAP-Method
Code
(0-255)
Length
EAP-Method Data
(Supplicant Requested Credentials)
Range: 0-4
Type: 0: EAP Packet
1: EAPOL Start
2: EAPOL Logoff
3: EAPOL Key
4: EAPOL Encapsulated-ASF-Alert
Range: 0-4
Type: 0: EAP Packet
1: EAPOL Start
2: EAPOL Logoff
3: EAPOL Key
4: EAPOL Encapsulated-ASF-Alert
EAP Frame
Padding
FCS
Range: 1-4
Codes: 1: Request
2: Response
3: Success
4: Failure
Range: 1-255
Codes: 1: Identity
2: Notification
3: NAK
4: MD-5 Challenge
5: One-Time Challenge
6: Generic Token Card

Table of Contents

Other manuals for Dell Force10 S4810P

Preview: Manual
Manual60 pages
Preview: Quick Start Guide
Quick Start Guide26 pages

Related product manuals