Table of Contents
Advertisement
connected to a switch port before making available any services offered by the
switch or the LAN.
Until the client is authenticated, 802.1X access control allows only Extensible
Authentication Protocol over LAN (EAPOL) traffic through the port to which the client
is connected. After authentication is successful, normal traffic can pass through the
port.
This section includes this conceptual information:
• Device Roles
• Authentication Initiation and Message Exchange
• Ports in Authorized and Unauthorized States
• Device Roles
With 802.1X port-based authentication, the devices in the network have specific roles
as shown below.
Figure 5-63: 802.1x device role
• Client-the device (workstation) that requests access to the LAN and switch
services and responds to requests from the switch. The workstation must be
running 802.1X-compliant client software such as that offered in the Microsoft
Windows XP operating system. (The client is the supplicant in the IEEE 802.1X
specification.)
• Authentication server-performs the actual authentication of the client. The
authentication server validates the identity of the client and notifies the switch
whether or not the client is authorized to access the LAN and switch services.
Because the switch acts as the proxy, the authentication service is transparent to
GE-DSH-73/DSH-82 and DSH-82-PoE User Manual
Chapter 5: Web-Based Management
119
Advertisement
Table of Contents
