DES-3010F/DES-3010FL/DES-3010G/DES-3016/DES-3018/DES-3026 Fast Ethernet Switch Manual
140
802.1X
802.1X Port-Based and MAC-Based Access Control
The IEEE 802.1X standard is a security measure for authorizing and authenticating users to gain access to
various wired or wireless devices on a specified Local Area Network by using a Client and Server based
access control model. This is accomplished by using a RADIUS server to authenticate users trying to access
a network by relaying Extensible Authentication Protocol over LAN (EAPOL) packets between the Client
and the Server. The following figure represents a basic EAPOL packet:
Figure 10- 4. The EAPOL Packet
Utilizing this method, unauthorized devices are restricted from connecting to a LAN through a port to which
the user is connected. EAPOL packets are the only traffic that can be transmitted through the specific port
until authorization is granted. The 802.1X Access Control method has three roles, each of which are vital to
creating and maintaining a stable and working Access Control security method.
Figure 10- 5. The three roles of 802.1X
The following section will explain the three roles of Client, Authenticator and Authentication Server in
greater detail.