Configuring
Terminology
EAP (Extensible Authentication Protocol): EAP enables network access that supports multiple authentication methods.
EAPOL : Extensible Authentication Protocol Over LAN, as defined in the
802.1x standard.
Friendly Client: A client that does not pose a security risk if given access to the switch and your network.
MD5: An algorithm for calculating a unique digital signature over a stream of bytes. It is used by CHAP to perform authentication without revealing the shared secret (password).
PVID (Port VID): This is the VLAN ID for the untagged VLAN to which an 802.1x port belongs.
Static VLAN: A VLAN that has been configured as "permanent" on the switch by using the CLI vlan < vid > command or the Menu interface.
Supplicant: The entity that must provide the proper credentials to the switch before receiving access to the network. This is usually an
Tagged VLAN Membership: This type of VLAN membership allows a port to be a member of multiple VLANs simultaneously. If a client connected to the port has an operating system that supports 802.1q VLAN tagging, then the client can access VLANs for which the port is a tagged member. If the client does not support VLAN tagging, then it can access only a VLAN for which the port is an untagged member. (A port can be an untagged member of only one VLAN at a time.) 802.1x Open VLAN mode does not affect a port’s tagged VLAN access unless the port is statically configured as a member of a VLAN that is also configured as the