GSM Series User Manual
3-15. 802.1x Configuration
The 802.1x
Before the devices or end stations can access the network resources through the ports under 802.1x control, the devices or end stations connected to a controlled port send the authentication request to the authenticator, the authenticator passes the request to the authentication server to authenticate and verify the username and password, and the server then tells the authenticator if the request has been granted access for that port.
According to IEEE802.1x, there are three components implemented. They are the Authenticator, the Supplicant and the Authentication server.
Supplicant:
It is an entity being authenticated by an authenticator. It is used to communicate with the Authenticator PAE (Port Access Entity) by exchanging the authentication message when the Authenticator PAE requests it.
Authenticator:
The Authenticator controls the state of the port, authorized or unauthorized, according to the result of the authentication message exchanged between it and a supplicant PAE. The authenticator may request the supplicant to re- authenticate itself at a configured time period. Once
A port acting as an authenticator is thought to be two logical ports, a controlled port and an uncontrolled port. A controlled port can only pass packets when the authenticator PAE is authorised, otherwise, an uncontrolled port will unconditionally pass the packets with the PAE group MAC address, which has a value of
Authentication server:
A device that provides the authentication service, through EAP, to an authenticator by using authentication credentials supplied by the supplicant to determine if the supplicant is authorised to access the network resource.
91
Alloy Computer Products Pty Ltd Copyright ©2006
