Moxa Technologies EDS-510A, Moxa EtherDevice Switch user manual Message Exchange


EDS-510A Series User’s Manual

Featured Functions

The EDS-510A acts as an authenticator in the 802.1X environment. A supplicant and an authenticator exchange EAPOL (Extensible Authentication Protocol over LAN) frames with each other. We can either use an external RADIUS server as the authentication server, or implement the authentication server in the EDS-510A by using a Local User Database as the authentication look-up table. When we use an external RADIUS server as the authentication server, the authenticator and the authentication server exchange EAP frames between each other.

Authentication can be initiated either by the supplicant or the authenticator. When the supplicant initiates the authentication process, it sends an “EAPOL-Start” frame to the authenticator. When the authenticator initiates the authentication process or when it receives an “EAPOL-Start” frame, it sends an “EAP Request/Identity” frame to ask for the username of the supplicant. The exchange then proceeds as described in the numbered steps below.

Message Exchange

[Figure: Message Exchange between the Client and the Authentication server (RADIUS). Client-side messages: EAPOL-Start, EAP-Request/Identity, EAP-Response/Identity, EAP-Request/OTP, EAP-Response/OTP, EAP-Success, EAPOL-Logoff. RADIUS-side messages: RADIUS Access-Request, RADIUS Access-Challenge, RADIUS Access-Request, RADIUS Access-Accept. Port states: Port Authorized, Port Unauthorized.]

1. When the supplicant receives an “EAP Request/Identity” frame, it sends an “EAP Response/Identity” frame with its username back to the authenticator.

2. If the RADIUS server is used as the authentication server, the authenticator relays the “EAP Response/Identity” frame from the supplicant by encapsulating it into a “RADIUS Access-Request” frame and sends it to the RADIUS server. When the authentication server receives the frame, it looks up its database to check if the username exists. If the username is not present, the authentication server replies with a “RADIUS Access-Reject” frame to the authenticator if the server is a RADIUS server, or just indicates failure to the authenticator if the Local User Database is used. The authenticator then sends an “EAP-Failure” frame to the supplicant.

3. The RADIUS server sends a “RADIUS Access-Challenge,” which contains an “EAP Request” with an authentication type, to the authenticator to ask for the password from the client. RFC 2284 defines several EAP authentication types, such as “MD5-Challenge,” “One-Time Password,” and “Generic Token Card.” Currently, only “MD5-Challenge” is supported. If the Local User Database is used, this step is skipped.

4. The authenticator sends an “EAP Request/MD5-Challenge” frame to the supplicant. If the RADIUS server is used, the “EAP Request/MD5-Challenge” frame is retrieved directly from the “RADIUS Access-Challenge” frame.
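The exchange in steps 1 to 4, as an added Python example (not taken from the Moxa manual or firmware): it decodes EAPOL payloads into the message names used above and performs the authentication server's MD5-Challenge check. It assumes the EAPOL header of IEEE 802.1X, the EAP packet layout of RFC 2284/3748 and the CHAP-style value MD5(identifier || secret || challenge); all helper names are hypothetical and Ethernet headers are omitted.

```python
import hashlib
import hmac
import struct
# Added illustration; helper names are hypothetical, not Moxa code.
EAPOL_TYPES = {1: "EAPOL-Start", 2: "EAPOL-Logoff"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 4: "MD5-Challenge", 5: "OTP", 6: "GTC"}

def eap(code, ident, eap_type=None, data=b""):
    """Build an EAP packet: code, identifier, length, then type + data."""
    body = b"" if eap_type is None else bytes([eap_type]) + data
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body

def eapol(packet_type, body=b""):
    """Wrap a body in an EAPOL header (version 1, type, body length)."""
    return struct.pack("!BBH", 1, packet_type, len(body)) + body

def parse(frame):
    """Return (name, identifier, type_data) for one EAPOL payload."""
    if len(frame) < 4:
        raise ValueError("short EAPOL header")
    _ver, ptype, blen = struct.unpack("!BBH", frame[:4])
    body = frame[4:4 + blen]
    if len(body) != blen:
        raise ValueError("truncated EAPOL body")
    if ptype != 0:                       # not an EAP-Packet
        return EAPOL_TYPES.get(ptype, f"EAPOL-type-{ptype}"), None, b""
    if blen < 4:
        raise ValueError("short EAP header")
    code, ident, elen = struct.unpack("!BBH", body[:4])
    if not 4 <= elen <= blen:
        raise ValueError("bad EAP length")
    name = "EAP-" + EAP_CODES.get(code, f"code-{code}")
    if code in (1, 2) and elen > 4:      # Request/Response carry a type byte
        name += "/" + EAP_TYPES.get(body[4], f"type-{body[4]}")
        return name, ident, body[5:elen]
    return name, ident, b""

def md5_value(ident, password, challenge):
    """MD5-Challenge response value: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([ident]) + password + challenge).digest()

def server_check(req_frame, resp_frame, password):
    """Authentication-server side: recompute the value and compare."""
    _, rid, rdata = parse(req_frame)
    name, sid, sdata = parse(resp_frame)
    if name != "EAP-Response/MD5-Challenge" or sid != rid or not rdata or not sdata:
        return False
    challenge = rdata[1:1 + rdata[0]]    # first byte is the value size
    return hmac.compare_digest(sdata[1:1 + sdata[0]], md5_value(rid, password, challenge))
```

The identifier and challenge cross the link in the clear and the response is a single MD5 over them and the password, so with MD5-Challenge as the only supported type the strength of each account's password carries the whole authentication.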


EDS-510A, Moxa EtherDevice Switch specifications

Moxa Technologies is a leader in providing innovative networking solutions for industrial applications, and one of its standout products is the Moxa EtherDevice Switch, EDS-510A. This robust, managed Ethernet switch is specifically designed for reliable performance in challenging industrial environments, making it an ideal choice for various applications, including automation, transportation, and power generation.

The EDS-510A features five 10/100Base-TX Fast Ethernet ports, allowing flexibility in connecting multiple devices. Additionally, it offers two Gigabit Ethernet ports for uplink, enabling high-speed connections to aggregation switches or routers. The switch supports both redundant power inputs and a wide operating temperature range of -40 to 75 degrees Celsius, ensuring continuity of service even in extreme conditions.

One of the key features of the EDS-510A is its support for IEEE 802.3at PoE (Power over Ethernet). This technology allows the switch to deliver power to connected devices such as IP cameras and wireless access points through the Ethernet cable, which simplifies installation and reduces the need for additional power sources. This is especially beneficial in remote locations where power availability may be limited.

The EDS-510A is also equipped with advanced management features that include VLAN support, port mirroring, and QoS (Quality of Service) capabilities. These features enhance network performance and security, enabling users to prioritize critical traffic and segment the network for better control. Moreover, it supports SNMP (Simple Network Management Protocol), allowing for easy integration into existing network management systems.

Another notable characteristic is the switch's rugged design. With a metal housing that provides excellent EMI (Electromagnetic Interference) protection, the EDS-510A can withstand harsh industrial environments. It is also compliant with various industrial standards, reinforcing its suitability for mission-critical applications.

In summary, the Moxa EtherDevice Switch, EDS-510A, is engineered to meet the demands of modern industrial networking. With its combination of PoE capability, advanced management features, and rugged design, it ensures reliable and efficient network performance, making it an excellent choice for organizations looking to enhance their industrial networking infrastructure. Whether deployed in factories, transportation systems, or utility environments, the EDS-510A continues to be a trusted solution for numerous applications.