EasyManuals Logo

Huawei Quidway S5600 Series User Manual

Huawei Quidway S5600 Series
991 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #512 background imageLoading...
Page #512 background image
Operation Manual – 802.1x
Quidway S5600 Series Ethernet Switches-Release 1510 Chapter 1
802.1x Configuration
Huawei Technologies Proprietary
1-9
Supplicant
system
Switc h
RADIUS server
EAPOL RADIUS
EAPOL-Start
EAP-Request/Identity
EAP-Response/Identity
EAP-Request/MD5 Challenge
EAP-Success
EAP-Response/MD5 Challenge
RADIUS Access-Reque
(CHAP-Response/MD5 Chal
st
lenge)
RADIUS Access-Acce
(CHAP-Success)
pt
Port acc epted
Hands hake ti mer ti me out
Hands hake request pac ket
[EAP-Request/Identity]
Hands hake reply pac ket
[EAP-Response/Identity]
EAPOL-Logoff
......
Port rejected
Supplicant
system
Switc h
RADIUS server
EAPOL RADIUS
EAPOL-Start
EAP-Request/Identity
EAP-Response/Identity
EAP-Request/MD5 Challenge
EAP-Success
EAP-Response/MD5 Challenge
RADIUS Access-Reque
(CHAP-Response/MD5 Chal
st
lenge)
RADIUS Access-Acce
(CHAP-Success)
pt
Port acc epted
Hands hake ti mer ti me out
Hands hake request pac ket
[EAP-Request/Identity]
Hands hake reply pac ket
[EAP-Response/Identity]
EAPOL-Logoff
......
Port rejected
Supplicant
system
Switc h
RADIUS server
EAPOL RADIUS
EAPOL-Start
EAP-Request/Identity
EAP-Response/Identity
EAP-Request/MD5 Challenge
EAP-Success
EAP-Response/MD5 Challenge
RADIUS Access-Reque
(CHAP-Response/MD5 Chal
st
lenge)
RADIUS Access-Acce
(CHAP-Success)
pt
Port acc epted
Hands hake ti mer ti me out
Hands hake request pac ket
[EAP-Request/Identity]
Hands hake reply pac ket
[EAP-Response/Identity]
EAPOL-Logoff
......
Port rejected
Figure 1-9 802.1x authentication procedure (in EAP terminating mode)
The authentication procedure in EAP terminating mode is the same as that in the EAP
relay mode except that the randomly-generated key in the EAP terminating mode is
generated by the switch, and that it is the switch that sends the user name, the
randomly-generated key, and the supplicant system-encrypted password to the
RADIUS server for further authentication.
1.1.5 802.1x Timer
In 802.1 x authentication, the following timers are used to ensure that the supplicant
system, the switch, and the RADIUS server interact in an orderly way:
z Transmission timer (tx-period): This timer sets the tx-period and is triggered by
the switch in one of the following two cases: The first case is when the client
requests for authentication. The switch sends a unicast request/identity packet to
a supplicant system and then enables the transmission timer. The switch sends

Table of Contents

Other manuals for Huawei Quidway S5600 Series

Preview: Installation Manual
Installation Manual73 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Huawei Quidway S5600 Series and is the answer not in the manual?

Huawei Quidway S5600 Series Specifications

General IconGeneral
BrandHuawei
ModelQuidway S5600 Series
CategorySwitch
LanguageEnglish

Related product manuals