EasyManuals Logo

HPE FlexNetwork MSR Series Comware 5 Security Configuration Guide

HPE FlexNetwork MSR Series
547 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #91 background imageLoading...
Page #91 background image
78
802.1X overview
802.1X is a port-based network access control protocol initially proposed by the IEEE 802 LAN/WAN
committee for securing wireless LANs (WLANs), and it has also been widely used on Ethernet
networks for access control.
802.1X controls network access by authenticating the devices connected to 802.1X-enabled LAN
ports.
802.1X architecture
802.1X operates in the client/server model. It comprises three entities: the client (the supplicant), the
network access device (the authenticator), and the authentication server.
Figure 33 802.1X architecture
• Client—A user terminal seeking access to the LAN. It must have 802.1X software to
authenticate to the network access device.
• Network access device—Authenticates the client to control access to the LAN. In a typical
802.1X environment, the network access device uses an authentication server to perform
authentication.
• Authentication server—Provides authentication services for the network access device. The
authentication server authenticates 802.1X clients by using the data sent from the network
access device, and returns the authentication results for the network access device to make
access decisions. The authentication server is typically a Remote Authentication Dial-in User
Service (RADIUS) server. In a small LAN, you can also use the network access device as the
authentication server.
Controlled/uncontrolled port and port
authorization status
802.1X defines two logical ports for the network access port: controlled port and uncontrolled port.
Any packet arriving at the network access port is visible to both logical ports.
• Controlled port—Allows incoming and outgoing traffic to pass through when it is in the
authorized state, and denies incoming and outgoing traffic when it is in the unauthorized state,
as shown in Figure 34.
The controlled port is set in the authorized state if the client has passed
authentication, and in the unauthorized state, if the client has failed authentication.
• Uncontrolled port—Always open to receive and transmit EAPOL frames.

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Configuration Guide
Configuration Guide861 pages
Preview: Comware 7 Layer 3 - Ip Services Configuration Guides
Comware 7 Layer 3 - Ip Services Configuration Guides554 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Layer 2 - Wan Access Configuration Guide
Comware 5 Layer 2 - Wan Access Configuration Guide420 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork MSR Series
CategoryNetwork Router
LanguageEnglish

Related product manuals