Reference7:Configuration/ETH/802.1X: Difference between revisions

From innovaphone wiki
Jump to navigation Jump to search
(New page: 802.1X, Port-Based Network Control, is an IEEE standard. The standard allows LAN devices (wired network cabling!) to perform an authentication handshake within the 802.3 link layer (Ethern...)
 
(Removed concept content. Linked concept article.)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
802.1X, Port-Based Network Control, is an IEEE standard. The standard allows LAN devices (wired network cabling!) to perform an authentication handshake within the 802.3 link layer (Ethernet).
;'''EAP-MD5''':
The authentication is encapsulated within EAP over LAN (EAPOL) frames. No other traffic, except EAPOL is allowed prior to a successful authentication<ref>802.1X must not be considered a bullet-proof security mechanism, since all traffic following the authentication phase is not authenticated</ref>.
* '''User''' Enter the user/identity to authenticate with.
* '''Password''' Enter the shared secret for the MD5 challenge/response handshake.


The standard specifies the following parties participating in an 802.1X authentication:
=Notes=
* Supplicant: The party supplying credentials towards an authenticator on the other side of a point-to-point link. An IP phone fulfills a supplicant's role.
* Authenticator: The party facilitating the authentication. A switch will usually be the authenticator.
* Authentication Server: The party providing the authentication service to the authenticator. The 802.1X standard mentions a RADIUS server to be an authentication server.
 
'''Sample Protocol Flow:'''
 
[[Image:802dot1x-EAPOL-640x480.gif]]
 
''An 802.1X EAP-MD5<ref>innovaphone devices support the EAP-MD5 authentication handshake.</ref> authentication handshake<ref>Message 9 within the sample protocol flow from above does often piggy-back additional RADIUS attributes with the intent to configure VLAN parameters at the authenticator/switch device. 802.1x thereby allows for user-related VLAN configuration at the authenticator/switch.</ref>.''
 
'''EAP-MD5:'''
* User: Enter the user/identity to authenticate with.
* Password: Enter the shared secret for the MD5 challenge/response handshake.
 
 
==Notes==
<references/>
<references/>
[[Concept_802.1X|Concept 802.1X]]

Latest revision as of 13:47, 25 March 2015

EAP-MD5
  • User Enter the user/identity to authenticate with.
  • Password Enter the shared secret for the MD5 challenge/response handshake.

Notes

Concept 802.1X

Retrieved from "https://wiki.innovaphone.com/index.php?title=Reference7:Configuration/ETH/802.1X&oldid=37231"