DWS-1008 User’s Manual
D-Link Systems, Inc.
Conguring AAA for Network Users
3. If server-2 does not respond, because the switch has no more servers to try in
server-group-1, the switch attempts to authenticate using the next AAA method,
which is the local method.
4. The switch consults its local database for an entry that matches Jose@example.com.
5. If a suitable local database entry exists, the authentication proceeds. If not,
authentication fails and Jose@example.com is not allowed to access the network.
IEEE 802.1X Extensible Authentication Protocol Types
Extensible Authentication Protocol (EAP) is a generic point-to-point protocol that supports
multiple authentication mechanisms. EAP has been adopted as a standard by the Institute of
Electrical and Electronic Engineers (IEEE). IEEE 802.1X is an encapsulated form for carrying
authentication messages in a standard message exchange between a user (client) and an
authenticator.
The following table summarizes the EAP protocols (also called types or methods) supported by MSS.
EAP Authentication Protocols for Local Processing

| EAP Type | Description | Use | Considerations |
|---|---|---|---|
| EAP-MD5 (EAP with Message Digest Algorithm 5) | Authentication algorithm that uses a challenge-response mechanism to compare hashes | Wired authentication only ¹ | This protocol provides no encryption or key establishment. |
| EAP-TLS (EAP with Transport Layer Security) | Protocol that provides mutual authentication, integrity-protected encryption algorithm negotiation, and key exchange. EAP-TLS provides encryption and data integrity checking for the connection. | Wireless and wired authentication. All authentication is processed on the switch. | This protocol requires X.509 public key certificates on both sides of the connection. |
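
The challenge-response hash comparison that the table attributes to EAP-MD5, as an added example (not code from the manual or from MSS). The packet layout and the MD5(Identifier || secret || challenge) computation follow RFC 3748 section 5.4 and RFC 1994; the local database dictionary, the password, the function names and passing the username in from the earlier identity exchange are assumptions made for illustration.

```python
import hashlib, hmac, os, struct

EAP_REQUEST, EAP_RESPONSE, EAP_TYPE_MD5 = 1, 2, 4  # RFC 3748 code and type numbers

def build_md5_packet(code, identifier, value, name=b""):
    """EAP header (Code, Identifier, Length), Type 4, then Value-Size, Value, Name."""
    data = bytes([EAP_TYPE_MD5, len(value)]) + value + name
    return struct.pack("!BBH", code, identifier, 4 + len(data)) + data

def parse_md5_packet(packet):
    """Return (code, identifier, value, name); raise ValueError if malformed."""
    if len(packet) < 6:
        raise ValueError("too short for an EAP-MD5 packet")
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if length < 6 or length > len(packet):
        raise ValueError("bad EAP Length field")
    if packet[4] != EAP_TYPE_MD5:
        raise ValueError("not EAP type 4 (MD5-Challenge)")
    size = packet[5]
    if 6 + size > length:
        raise ValueError("Value-Size runs past the end of the packet")
    return code, identifier, packet[6:6 + size], packet[6 + size:length]

def md5_response(identifier, password, challenge):
    """The hash both sides compute: MD5(Identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + password + challenge).digest()

def authenticator_verify(request, response, username, local_db):
    """Recompute the hash from the local database entry and compare it."""
    _, req_id, challenge, _ = parse_md5_packet(request)
    code, resp_id, value, _ = parse_md5_packet(response)
    password = local_db.get(username)
    if code != EAP_RESPONSE or resp_id != req_id or password is None:
        return False
    # Constant-time comparison; the result is accept or reject and nothing else.
    # No key material comes out of this exchange, unlike EAP-TLS.
    return hmac.compare_digest(value, md5_response(req_id, password, challenge))

def demo():
    user, local_db = "Jose@example.com", {"Jose@example.com": b"constructed-password"}
    request = build_md5_packet(EAP_REQUEST, 7, os.urandom(16), b"switch")
    _, ident, challenge, _ = parse_md5_packet(request)
    reply = lambda pw: build_md5_packet(EAP_RESPONSE, ident,
                                        md5_response(ident, pw, challenge))
    return (authenticator_verify(request, reply(b"constructed-password"), user, local_db),
            authenticator_verify(request, reply(b"wrong-password"), user, local_db))

if __name__ == "__main__":
    print(demo())
```

Because the exchange ends with a boolean and no shared key, there is nothing to seed link encryption with, which is the consideration the table lists for this type.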