EDS-510A Series User’s Manual

Featured Functions

The EDS-510A acts as an authenticator in the 802.1X environment. A supplicant and an authenticator exchange EAPOL (Extensible Authentication Protocol over LAN) frames with each other. We can either use an external RADIUS server as the authentication server, or implement the authentication server in the EDS-510A by using a Local User Database as the authentication look-up table. When we use an external RADIUS server as the authentication server, the authenticator and the authentication server exchange EAP frames between each other.

Authentication can be initiated either by the supplicant or the authenticator. When the supplicant initiates the authentication process, it sends an “EAPOL-Start” frame to the authenticator. When the authenticator initiates the authentication process or when it receives an “EAPOL Start” frame, it sends an “EAP Request/Identity” frame to ask for the username of the supplicant. The following actions are described below:

Message Exchange

Authentication

Clientserver (RADIUS)

EAPOL-Start

EAP-Request/Identity

EAP-Response/Identity

EAP-Request/OTP

EAP-Response/OTP

EAP-Success

RADIUS Access-Request

RADIUS Access-Challenge

RADIUS Access-Request

RADIUS Access-Accept

Port Authorized

EAPOL-Logoff

Port Unauthorized

1.When the supplicant receives an “EAP Request/Identity” frame, it sends an “EAP Response/Identity” frame with its username back to the authenticator.

2.If the RADIUS server is used as the authentication server, the authenticator relays the “EAP Response/Identity” frame from the supplicant by encapsulating it into a “RADIUS Access-Request” frame and sends to the RADIUS server. When the authentication server receives the frame, it looks up its database to check if the username exists. If the username is not present, the authentication server replies with a “RADIUS Access-Reject” frame to the authenticator if the server is a RADIUS server or just indicates failure to the authenticator if the Local User Database is used. The authenticator sends an “EAP-Failure” frame to the supplicant.

3.The RADIUS server sends a “RADIUS Access-Challenge,” which contains an “EAP Request” with an authentication type to the authenticator to ask for the password from the client. RFC 2284 defines several EAP authentication types, such as “MD5-Challenge,” “One-Time Password,” and “Generic Token Card.” Currently, only “MD5-Challenge” is supported. If the Local User Database is used, this step is skipped.

4.The authenticator sends an “EAP Request/MD5-Challenge” frame to the supplicant. If the RADIUS server is used, the “EAP Request/MD5-Challenge” frame is retrieved directly from the “RADIUS Access-Challenge” frame.

3-50

Page 64 Page 66
Page 65
Image 65
Moxa Technologies EDS-510A, Moxa EtherDevice Switch user manual Message Exchange
Page 64 Page 66

EDS-510A, Moxa EtherDevice Switch specifications

Moxa Technologies is a leader in providing innovative networking solutions for industrial applications, and one of its standout products is the Moxa EtherDevice Switch, EDS-510A. This robust, managed Ethernet switch is specifically designed for reliable performance in challenging industrial environments, making it an ideal choice for various applications, including automation, transportation, and power generation.

The EDS-510A features five 10/100Base-TX Fast Ethernet ports, allowing flexibility in connecting multiple devices. Additionally, it offers two Gigabit Ethernet ports for uplink, enabling high-speed connections to aggregation switches or routers. The switch supports both redundant power inputs and a wide operating temperature range of -40 to 75 degrees Celsius, ensuring continuity of service even in extreme conditions.

One of the key features of the EDS-510A is its support for IEEE 802.3at PoE (Power over Ethernet). This technology allows the switch to deliver power to connected devices such as IP cameras and wireless access points through the Ethernet cable, which simplifies installation and reduces the need for additional power sources. This is especially beneficial in remote locations where power availability may be limited.

The EDS-510A is also equipped with advanced management features that include VLAN support, port mirroring, and QoS (Quality of Service) capabilities. These features enhance network performance and security, enabling users to prioritize critical traffic and segment the network for better control. Moreover, it supports SNMP (Simple Network Management Protocol), allowing for easy integration into existing network management systems.

Another notable characteristic is the switch's rugged design. With a metal housing that provides excellent EMI (Electromagnetic Interference) protection, the EDS-510A can withstand harsh industrial environments. It is also compliant with various industrial standards, reinforcing its suitability for mission-critical applications.

In summary, the Moxa EtherDevice Switch, EDS-510A, is engineered to meet the demands of modern industrial networking. With its combination of PoE capability, advanced management features, and rugged design, it ensures reliable and efficient network performance, making it an excellent choice for organizations looking to enhance their industrial networking infrastructure. Whether deployed in factories, transportation systems, or utility environments, the EDS-510A continues to be a trusted solution for numerous applications.
Top Page Image Contents