OS10 Enterprise Edition User Guide Release 10.4.1.0

PDF

Port authentication

The process begins when the authenticator senses a link status change from down to up:

  1. The authenticator requests that the supplicant identify itself using an EAP Request Identity frame.
  2. The supplicant responds with its identity in an EAP Response Identity frame.
  3. The authenticator decapsulates the EAP response from the EAPOL frame, encapsulates it in a RADIUS Access Request frame, and forwards the frame to the authentication server.
  4. The authentication server replies with an Access Challenge frame who requests that the supplicant verifies its identity using an EAP-Method. The authenticator translates and forwards the challenge to the supplicant.
  5. The supplicant negotiates the authentication method and the supplicant provides the EAP Request information in an EAP Response. Another Access Request frame translates and forwards the response to the authentication server.
  6. If the identity information the supplicant provides is valid, the authentication server sends an Access Accept frame in which network privileges are specified. The authenticator changes the port state to authorize and forwards an EAP Success frame. If the identity information is invalid, the server sends an Access Reject frame. If the port state remains unauthorized, the authenticator forwards an EAP Failure frame.

eap port authenticator


Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\