The authentication server authenticates each workstation that is
connected to a switch port before making available any services offered by the switch or
the LAN. Figure 2-36 shows the roles of each device in port-based authentication.
Figure 2-36 802.1X Port-Based Authentication
Until the workstation is authenticated, 802.1x access control allows only Extensible
Authentication Protocol over LAN (EAPOL) traf?¬?c through the port to which the workstation
is connected. After authentication succeeds, normal traf?¬?c can pass through the port.
With 802.1X port-based authentication, the devices in the network have speci?¬?c roles, as
follows:
?– Client: The device (workstation) that requests access to the LAN and switch services
and responds to requests from the switch. The workstation must be running 802.1Xcompliant
client software, such as that offered in the Microsoft Windows XP operating
system. The port to which the client is attached is the supplicant (client) in the IEEE
802.1X speci?¬?cation.
?– Authentication server: Performs the actual authentication of the client. The
authentication server validates the identity of the client and noti?¬?es the switch whether
the client is authorized to access the LAN and switch services.
Pages:
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134