IEEE 802.1x 209

EAPoL-Key: Key information frame, supporting to encrypt the EAP packets.

EAPoL-Encapsulated-ASF-Alert: Supports the Alerting message of Alert Standard Forum (ASF).

The EAPoL-Start, EAPoL-Logoff, and EAPoL-Key only exist between the Supplicant and the Authenticator. The EAP-Packet information is re-encapsulated by the Authenticator System and then transmitted to the Authentication Server System. The EAPoL-Encapsulated-ASF-Alert is related to the network management information and terminated by the Authenticator.

802.1x provides an implementation solution of user ID authentication. However, 802.1x itself is not enough to implement the scheme. The administrator of the access device should configure the AAA scheme by selecting RADIUS or local authentication to assist 802.1x in implementing the user ID authentication. For a detailed description, refer to the corresponding AAA configuration.

Implement 802.1x on Ethernet Switch

The Switch 7750 not only supports the port access authentication method regulated by 802.1x, but also extends and optimizes it in the following way:

Support to connect several End Stations in the downstream by a physical port.

The access control (or the user authentication method) can be based on port or MAC address.

In this way, the system becomes more secure, and easier to manage.

Configuring 802.1x The configuration tasks of 802.1x itself, can be fulfilled in system view of the Ethernet switch. When the global 802.1x is not enabled, the user can configure the 802.1x state of the port. The configured items will take effect after the global 802.1x is enabled.

Do not enable 802.1x and RSTP at the same time or the switch may not work normally.

The 802.1x configuration tasks are described in the following sections:

Enabling/Disabling 802.1x

Setting the Port Access Control Mode

Setting Port Access Control Method

Checking the Users that Log on the Switch by Proxy

Setting Number of Users on a Port

Enabling DHCP to Launch Authentication

Configuring the Authentication Method for 802.1x Users

Setting the Maximum Retransmission Times

Configuring Timers

Enabling/Disabling Quiet-Period Timer

Displaying and Debugging 802.1x

Page 209
Image 209
3Com 10014298 manual Implement 802.1x on Ethernet Switch