74 RackSwitch G8000: Application Guide
The RADIUS authentication server chooses an EAP-supported authentication
algorithm to verify the client’s identity, and sends an EAP-Request packet to the
client via the G8000 authenticator. The client then replies to the RADIUS server with
an EAP-Response containing its credentials.
Upon a successful authentication of the client by the server, the 802.1X-controlled
port transitions from unauthorized to authorized state, and the client is allowed full
access to services through the controlled port. When the client later sends an
EAPOL-Logoff message to the G8000 authenticator, the port transitions from
authorized to unauthorized state.
If a client that does not support 802.1X connects to an 802.1X-controlled port, the
G8000 authenticator requests the client's identity when it detects a change in the
operational state of the port. The client does not respond to the request, and the port
remains in the unauthorized state.
Note: When an 802.1X-enabled client connects to a port that is not
802.1X-controlled, the client initiates the authentication process by sending
an EAPOL-Start frame. When no response is received, the client retransmits
the request for a fixed number of times. If no response is received, the client
assumes the port is in authorized state, and begins sending frames, even if
the port is unauthorized.
To Next Page
Loading...
Need help?
General
