system of Authenticator system pack EAP info. from 802.1x supplicant system into RADIUS and
send to authentication server system, and unpack EAP info. in RADIUS protocol from
authentication server system and send to 802.1x supplicant system through 802.1x service
Authentication server system indicates the actual device to make authentication for supplicants.
Authentication server system accepts and checks user’s ID info. from authenticator system. If it
is successful authentication server system will authenticate to authenticator system and allow
user to visit internet, instead authentication server system will inform user that is failure and who
cannot visit internet. Communications between authentication server system and authenticator
system are completed through RADIUS protocol extended by EAP. UTStarcom provides
authenticator accounting system HyperBoss to make authentication and accounting.
2. Protocol packet introduction
Authentication data flow forwarded by 802.1x rpotocol on internet is in EAPOL (EAP Over LAN)
framen format, all users’ ID info. (Including users’ names and passwords) are packed in EAP
(Extended authentication protocol), and the EAP is packed into EAPOL frame. Users’ names
exist in EAP in public, but passwords exist in MD5 enciphered form.
EAPOL frame format please refer to Figure 8-2. PAE Ethernet Type is for EAPOL, whose value
is 0x888E, Protocol Version is for EAPOL, whose value is 1. Packet Type means the size of
EAPOL frame. Packet Body Length means the total length of EAPOL frame content. Packet
Body means the content of EAPOL frame.
Figrure. 8-2 EAPOL Frame Format