1-5
z
The Length field indicates the size of an EAP packet, which includes the Code, Identifier, Length,
and Data fields.
z
The Data field carries the EAP packet, whose format differs with the Code field.
A Success or Failure packet does not contain the Data field, so the Length field of it is 4.
shows the format of the Data field of a Request packet or a Response packet.
Figure 1-5
The format of the Data field of a Request packet or a Response packet
z
The Type field indicates the EAP authentication type. A value of 1 indicates Identity and that the
packet is used to query the identity of the peer. A value of 4 represents MD5-Challenge (similar to
PPP CHAP) and indicates that the packet includes query information.
z
The Type Date field differs with types of Request and Response packets.
Fields added for EAP authentication
Two fields, EAP-message and Message-authenticator, are added to a RADIUS protocol packet for EAP
authentication. (Refer to the Introduction to RADIUS protocol section in the
AAA Operation
for
information about the format of a RADIUS protocol packet.)
The EAP-message field, whose format is shown in
, is used to encapsulate EAP packets. The
maximum size of the string field is 253 bytes. EAP packets with their size larger than 253 bytes are
fragmented and are encapsulated in multiple EAP-message fields. The type code of the EAP-message
field is 79.
Figure 1-6
The format of an EAP-message field
0
15
Type
String
7
Length
N
EAP packets
The Message-authenticator field, whose format is shown in
, is used to prevent unauthorized
interception to access requesting packets during authentications using CHAP, EAP, and so on. A packet
with the EAP-message field must also have the Message-authenticator field. Otherwise, the packet is
regarded as invalid and is discarded.
Figure 1-7
The format of an Message-authenticator field
802.1x Authentication Procedure
Switch 4200G can authenticate supplicant systems in EAP terminating mode or EAP relay mode.
Содержание Switch 4800G PWR 24-Port
Страница 165: ...1 8 4 mac address es found on port GigabitEthernet1 0 2 ...
Страница 214: ...ii Displaying and Maintaining System Guard 4 1 ...
Страница 445: ...ii ...
Страница 727: ...i Table of Contents Appendix A Acronyms A 1 ...
Страница 730: ...A 3 VOD Video On Demand W WRR Weighted Round Robin X XID eXchange Identification XRN eXpandable Resilient Networking ...