HP 1920-16G, 1920-24G, 1920-24G-PoE+ (180W), 1920-48G, 1920-8G, 1920-8G-PoE+ (180W), 1920-8G-PoE+ (65W) 339

Packet exchange method Benefits

Limitations

Works with any RADIUS

EAP terminationserver that supports PAP or CHAP authentication.

•Supports only MD5-Challenge EAP authentication and the "username + password" EAP authentication initiated by an HP iNode 802.1X client.

•The processing is complex on the network access device.

EAP relay

Figure 306 shows the basic 802.1X authentication procedure in EAP relay mode, assuming that EAP-MD5 is used.

Figure 306 802.1X authentication procedure in EAP relay mode

1.When a user launches the 802.1X client software and enters a registered username and password, the 802.1X client software sends an EAPOL-Start packet to the network access device.

2.The network access device responds with an Identity EAP-Request packet to ask for the client username.

3.In response to the Identity EAP-Request packet, the client sends the username in an Identity EAP-Response packet to the network access device.

4.The network access device relays the Identity EAP-Response packet in a RADIUS Access-Request packet to the authentication server.

326

HP manual 339

Models: 1920-16G 1920-24G 1920-24G-PoE+ (180W) 1920-48G 1920-8G 1920-8G-PoE+ (180W) 1920-8G-PoE+ (65W)