64
Figure 24 Authorization state of a controlled port
802.1X-related protocols
802.1X uses EAP to transport authentication information for the client, the network access device, and
the authentication server. EAP is an authentication framework that uses the client/server model. It
supports a variety of authentication methods, including MD5-Challenge, EAP-TLS, and PEAP.
802.1X defines EAPOL for passing EAP packets between the client and the network access device over
a wired or wireless LAN. Between the network access device and the authentication server, 802.1X
delivers authentication information through one of the following methods:
• Encapsulates EAP packets in RADIUS by using EAPOR, as described in "EAP relay."
• Extracts authentication information from the EAP packets and encapsulates the information in
standard RADIUS packets, as described in "EAP termination."
Packet formats
EAP packet format
Figure 25 shows the EAP packet format.
Figure 25 EAP packet format
015
Code
Data
Length
7
Identifier
2
4
N
• Code—Type of the EAP packet. Options include Request (1), Response (2), Success (3), or Failure
(4).
• Identifier—Used for matching responses with requests.
• Length—Length (in bytes) of the EAP packet, which is the sum of the Code, Identifier, Length, and
Data fields.
To Next Page
Loading...
Need help?
General