Configuration Guide 802.1x Configuration
802.1x Configuration
Overview
In an IEEE 802 LAN, users can access the network device without authorization and authorization as long as they are
connected to the network device. Therefore, an unauthorized user can access the network unobstructed by connecting
the LAN. As the wide application of LAN technology, particularly the appearance of the operating network, it is necessary
to address the safety authentication needs of the network. It has become the focus of concerns in the industry that how to
provide user with the authentication on the legality of network or device access on the basis of simple and cheap Ethernet
technologies. The IEEE 802.1x protocol is developed under such a context.
As a Port-Based Network Access Control standard, the IEEE802.1x provides LAN access point-to-point security access.
Specially designed by the IEEE Standardization Commission to tackle the safety defects of Ethernet, this standard can
provide a means to authenticate the devices and users connected to the LAN by utilizing the advantages of IEEE 802
LAN.
The IEEE 802.1x defines a mode based on Client-Server to restrict unauthorized users from accessing the network.
Before a client can access the network, it must first pass the authentication of the authentication server.
Before the client passes the authentication, only the EAPOL (Extensible Authentication Protocol over LAN) packets can
be transmitted over the network. After successful authentication, normal data streams can be transmitted over the
network.
By using 802.1x, our switches provide Authentication, Authorization, and Accounting (AAA).
Authentication: It is used to determine whether a user has the access, restricting illegal users.
Authorization: It authorizes the services available to users, controlling the rights of valid users.
Accounting: It records users' use of network resources, providing the supporting data for charging.
The 802.1x is described in the following aspects as below:
Device Roles
Authentication Initiation and Packet Interaction During Authentication
States of Authorized Users and Unauthorized Users
Topologies of Typical Applications
Device Roles
In the IEEE802.1x standard, there are three roles: supplicant, authenticator, and authentication server. In practice,
they are the Client, network access server (NAS) and Radius-Server.
To Next Page
Loading...
