Nortel Networks 42C4911 Switch User Manual


 
Alteon OS Application Guide
Chapter 2: Port-based Network Access Control
42C4911, January 2007
802.1x Authentication Process
The clients and authenticators communicate using Extensible Authentication Protocol (EAP),
which was originally designed to run over PPP, and for which the IEEE 802.1x Standard has
defined an encapsulation method over Ethernet frames, called EAP over LAN (EAPOL).
Figure 2-1 shows a typical message exchange initiated by the client.
Figure 2-1 Authenticating a Port Using EAPoL
[Diagram: message sequence between the 802.1x Client, the GbESM (Authenticator, RADIUS Client) and the RADIUS Server. Client side: EAPOL over Ethernet. Server side: RADIUS-EAP over UDP/IP. Messages shown: EAPOL-Start, EAP-Request (Credentials), EAP-Response (Credentials), Radius-Access-Request, Radius-Access-Challenge, Radius-Access-Accept, EAP-Success. Port states shown: Port Unauthorized, Port Authorized.]
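
The EAPOL encapsulation described above can be checked against a packet capture with a small decoder. The following is an added example, not code from the manual or from Alteon OS: it parses the client-side (EAPOL over Ethernet) leg only, and the MAC addresses, the identity "alice" and the helper names are constructed for illustration. It assumes untagged frames and uses the Identity method where the figure says "Credentials".

```python
import struct

ETHERTYPE_EAPOL = 0x888E  # EtherType assigned to IEEE 802.1X (EAPOL)
EAPOL_TYPES = {0: "EAP-Packet", 1: "EAPOL-Start", 2: "EAPOL-Logoff", 3: "EAPOL-Key"}
EAP_CODES = {1: "EAP-Request", 2: "EAP-Response", 3: "EAP-Success", 4: "EAP-Failure"}
EAP_METHODS = {1: "Identity", 2: "Notification", 3: "Nak", 4: "MD5-Challenge"}

def parse_eapol(frame: bytes) -> dict:
    """Decode one untagged Ethernet frame carrying EAPOL; ValueError if malformed."""
    if len(frame) < 18 or int.from_bytes(frame[12:14], "big") != ETHERTYPE_EAPOL:
        raise ValueError("not a complete EAPOL frame")
    dst, src, _, version, ptype, body_len = struct.unpack("!6s6sHBBH", frame[:18])
    body = frame[18:18 + body_len]  # anything past body_len is Ethernet padding
    if len(body) != body_len:
        raise ValueError("EAPOL body shorter than its length field")
    out = {"src": src.hex(":"), "dst": dst.hex(":"), "version": version,
           "eapol_type": EAPOL_TYPES.get(ptype, f"unknown({ptype})")}
    if ptype == 0:  # EAP-Packet: the body is one complete EAP message
        if body_len < 4:
            raise ValueError("EAP header truncated")
        code, ident, eap_len = struct.unpack("!BBH", body[:4])
        if not 4 <= eap_len <= body_len:
            raise ValueError("EAP length inconsistent with EAPOL body length")
        out.update(eap_code=EAP_CODES.get(code, f"unknown({code})"), eap_id=ident)
        if code in (1, 2) and eap_len >= 5:  # only Request/Response carry a type
            out["eap_method"] = EAP_METHODS.get(body[4], f"type-{body[4]}")
            out["eap_data"] = body[5:eap_len]
    return out

def label(frame: bytes) -> str:
    p = parse_eapol(frame)
    method = f" ({p['eap_method']})" if "eap_method" in p else ""
    return p.get("eap_code", p["eapol_type"]) + method

# Constructed sample frames (not captured traffic); MACs and identity are made up.
CLIENT, SWITCH = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
PAE_GROUP = bytes.fromhex("0180c2000003")  # 802.1X PAE group address

def build_frame(src: bytes, dst: bytes, ptype: int, eap: bytes = b"") -> bytes:
    hdr = struct.pack("!HBBH", ETHERTYPE_EAPOL, 1, ptype, len(eap))
    return (dst + src + hdr + eap).ljust(60, b"\x00")  # pad to Ethernet minimum

def build_eap(code: int, ident: int, payload: bytes = b"") -> bytes:
    return struct.pack("!BBH", code, ident, 4 + len(payload)) + payload

SAMPLE = [build_frame(CLIENT, PAE_GROUP, 1),
          build_frame(SWITCH, CLIENT, 0, build_eap(1, 1, b"\x01")),
          build_frame(CLIENT, SWITCH, 0, build_eap(2, 1, b"\x01alice")),
          build_frame(SWITCH, CLIENT, 0, build_eap(3, 1))]
```

Calling `label()` on each frame in `SAMPLE` reproduces the client-side message names in Figure 2-1; the length checks reject frames whose EAPOL or EAP length fields do not match the bytes actually present.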