Manualshelf

Technical data

ManualsBrandsBlade Network Technologies ManualsComputer AccessoriesG8000
41424344454647484950
BLADE OS 5.1 Application Guide
BMD00136, November 2009 Chapter 2: Port-based Network Access Control
43
Figure 1 Authenticating a Port Using EAPoL
EAPoL Message Exchange
During authentication, EAPOL messages are exchanged between the client and the G8000
authenticator, while RADIUS-EAP messages are exchanged between the G8000 authenticator and
the RADIUS server.
Authentication is initiated by one of the following methods:
The G8000 authenticator sends an EAP-Request/Identity packet to the client
Client sends an EAPOL-Start frame to the G8000 authenticator, which responds with an
EAP-Request/Identity frame.
The client confirms its identity by sending an EAP-Response/Identity frame to the G8000
authenticator, which forwards the frame encapsulated in a RADIUS packet to the server.
802.1X Client
RADIUS
Server
Radius-Access-Request
Radius-Access-Challenge
Radius-Access-Request
Radius-Access-Accept
EAP-Request (Credentials)
EAP-Response (Credentials)
EAP-Success
EAP-Request (Identity)
EAP-Response (Identity)
EAPOL-Start
Port Authorized
Port Unauthorized
G8000
(Authenticator)
(RADIUS Client)
EAPOL
Ethernet
RADIUS-EAP
UDP/IP