1-3
z
The controlled port and uncontrolled port are two parts of the same port. Any packets arriving at the
port are available to both of them.
Authorized state and unauthorized state
The controlled port can be set in either the authorized or unauthorized status, which depends on the
authentication result, as shown in
Figure 1-2
.
Figure 1-2
Authorized/unauthorized status of a controlled port
You can set the authorization mode of a specified port to control the port authorization status. The
authorization modes include:
z
authorized-force
: Places the port in the authorized state, allowing users of the ports to access the
network without authentication.
z
unauthorized-force
: Places the port in the unauthorized state, denying any access requests from
users of the ports.
z
auto
: Places the port in the unauthorized state initially to allow only EAPOL packets to pass, and
turns the ports into the authorized state to allow access to the network after the users pass
authentication. This is the most common choice.
Control direction
In the unauthorized state, the controlled port can be set to deny traffic to and from the client or just the
traffic from the client.
Currently, your device can only be set to deny traffic from the client.
EAP over LAN
EAPOL packet format
EAPOL, defined in 802.1X, is intended to carry EAP protocol packets between clients and devices over
LANs.
Figure 1-3
shows the EAPOL packet format.
Содержание S7902E
Страница 82: ...1 4 DeviceA interface tunnel 1 DeviceA Tunnel1 service loopback group 1 ...
Страница 200: ...1 11 DeviceB display vlan dynamic No dynamic vlans exist ...
Страница 494: ...ii Displaying and Maintaining Tunneling Configuration 1 45 Troubleshooting Tunneling Configuration 1 45 ...
Страница 598: ...ii ...
Страница 1757: ...4 9 ...
Страница 1770: ...6 4 ...
Страница 2017: ...2 11 Figure 2 3 SFTP client interface ...
Страница 2062: ...i Table of Contents 1 URPF Configuration 1 1 URPF Overview 1 1 What is URPF 1 1 How URPF Works 1 1 Configuring URPF 1 2 ...
Страница 2238: ...1 16 DeviceA cfd linktrace service instance 1 mep 1001 target mep 4002 ...
Страница 2442: ...2 4 Set the interval for sending Syslog or trap messages to 20 seconds Device mac address information interval 20 ...