Operation Manual - Security
Quidway S3000-EI Series Ethernet Switches Chapter 1
802.1x Configuration
Huawei Technologies Proprietary
1-1
IEEE 802.1x (hereinafter simplified as 802.1x) is a port-based network access control
the devices
d control all the
ork access control protocol and only defines the
point-to-point connection between the access device and the access port. The port can
1.1.2 802.
the typical C/S (Client/Server) system architecture. It
contains three entities, which are illustrated in the following figure: Supplicant System,
be installed with the 802.1x
ant and the Authenticator
Chapter 1 802.1x Configuration
1.1 802.1x Overview
1.1.1 802.1x Standard Overview
protocol that is used as the standard for LAN user access authentication.
In the LANs complying with the IEEE 802 standards, the user can access
and share the resources in the LAN through connecting the LAN access control device
like the LAN Switch. However, in telecom access, commercial LAN (a typical example
is the LAN in the office building) and mobile office etc., the LAN providers generally
hope to control the user’s access. In these cases, the requirement on the
above-mentioned “Port Based Network Access Control” originates.
“Port Based Network Access Control” means to authenticate an
accessed devices on the port of LAN access control device. If the user’s device
connected to the port can pass the authentication, the user can access the resources in
the LAN. Otherwise, the user cannot access the resources in the LAN. It equals that the
user is physically disconnected.
802.1x defines port based netw
be either physical or logical. The typical application environment is as follows: Each
physical port of the LAN Switch only connects to one user workstation (based on the
physical port) and the wireless LAN access environment defined by the IEEE 802.11
standard (based on the logical port), etc.
1x System Architecture
The system using the 802.1x is
Authenticator System and Authentication Server System.
The LAN access control device needs to provide the Authenticator System of 802.1x.
The devices at the user side such as the computers need to
client Supplicant software, for example, the 802.1x client provided by Huawei
Technologies Co., Ltd. (or by Microsoft Windows XP). The 802.1x Authentication
Server system normally stays in the carrier’s AAA center.
Authenticator and Authentication Server exchange information through EAP
(Extensible Authentication Protocol) frames. The Supplic
To Next Page
Loading...
Need help?
General