The access device supports the following modes:
∙Multicast trigger
∙Unicast trigger
802.1X authentication has two approaches: EAP relay and EAP termination. You choose either mode depending on the support of the RADIUS server for EAP packets and EAP authentication methods.
EAP relay is defined in IEEE 802.1X. In this mode, the network device uses EAPoR packets to send authentication information to the RADIUS server, as shown in a.
a.EAP relay
In EAP termination mode, the network access device terminates the EAP packets received from the client, encapsulates the client authentication information in standard RADIUS packets, and uses Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP) to authenticate to the RADIUS server, as shown in b.
b.EAP termination
A comparison of EAP relay and EAP termination
Packet exchange method | Benefits | Limitations |
| ∙ | Supports various EAP |
|
| authentication methods. |
EAP relay | ∙ | The configuration and processing |
|
| is simple on the network access |
|
| device |
The RADIUS server must support the
324