Eap Relay - HP FlexNetwork 10500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 10500 Series:
- Configuration manual (512 pages) ,
- Specifications (42 pages) ,
- Datasheet (20 pages)
Table of Contents
Advertisement
Packet exchange
method
EAP termination
EAP relay
Figure 33
shows the basic 802.1X authentication procedure in EAP relay mode, assuming that
EAP-MD5 is used.
Figure 33 802.1X authentication procedure in EAP relay mode
Client
(2) EAP-Request/Identity
(3) EAP-Response/Identity
(6) EAP-Request/MD5 challenge
(7) EAP-Response/MD5 challenge
(11) EAP-Request/Identity
(12) EAP-Response/Identity
The following steps describe the 802.1X authentication procedure:
1.
When a user launches the 802.1X client and enters a registered username and password, the
802.1X client sends an EAPOL-Start packet to the access device.
2.
The access device responds with an Identity EAP-Request packet to ask for the client
username.
Benefits
Works with any RADIUS server
that supports PAP or CHAP
authentication.
Device
EAPOL
(1) EAPOL-Start
(10) EAP-Success
Port authorized
...
(13) EAPOL-Logoff
Port unauthorized
(14) EAP-Failure
Limitations
•
•
EAPOR
(4) RADIUS Access-Request
(EAP-Response/Identity)
(5) RADIUS Access-Challenge
(EAP-Request/MD5 challenge)
(8) RADIUS Access-Request
(EAP-Response/MD5 challenge)
(9) RADIUS Access-Accept
(EAP-Success)
73
Supports only the following EAP
authentication methods:
MD5-Challenge EAP
authentication.
The username and password
EAP authentication initiated by
an HPE iNode 802.1X client.
The processing is complex on the
access device.
Authentication server
Advertisement
Table of Contents
Troubleshooting
