Stephen Technologies Co.,Limited
www.stephen-tele.com
11.1.3 802.1x Authentication Process
802.1x configures EAP frame to carry the authentication information. The Standard defines
the following types of EAP frames:
EAP-Packet: Authentication information frame, used to carry the authentication
information.
EAPoL-Start: Authentication originating frame, actively originated by the Supplicant.
EAPoL-Logoff: Logoff request frame, actively terminating the authenticated state.
EAPoL-Key: Key information frame, supporting to encrypt the EAP packets.
EAPoL-Encapsulated-ASF-Alert: Supports the Alerting message of Alert Standard Forum
(ASF).
The EAPoL-Start, EAPoL-Logoff and EAPoL-Key only exist between the Supplicant and the
Authenticator. The EAP-Packet information is re-encapsulated by the Authenticator System
and
then
transmitted
to
the
Authentication
Server
System.
The
EAPoL-Encapsulated-ASF-Alert is related to the network management information and
terminated by the Authenticator.
802.1x provides an implementation solution of user ID authentication. However, 802.1x itself
is not enough to implement the scheme. The administrator of the access device should
configure RADIUS or local authentication so as to assist 802.1x to implement the user ID
authentication.
11.1.4 Implement 802.1x on Ethernet Switch
SPEED Series Ethernet Switches not only support the port access authentication method
regulated by 802.1x, but also extend and optimize it in the following way:
Support to connect several End Stations in the downstream via a physical port.
The access control (or the user authentication method) can be based on MAC address.
In this way, the system becomes much securer and easier to manage.
11.2 802.1x Configuration
The Main 802.1x configuration includes:
Enabling/Disabling 802.1x
Setting port authentication state
Setting maximum number of users via each port
