АМАТЕК AN-SGM28P24-400 [171/322] Brief introduction of protocol package

АМАТЕК AN-SGM28P24-400 [171/322] Brief introduction of protocol package
170 / 322
server to the RAIDUS protocol in the EAP information solution package out and sent by the
802.1x server to 802.1x client
Authentication server refers to the device that actually authenticates the user. Identity
authentication server to receive user authentication system and verify if authentication is
successful, the authentication server authorization authentication system allows the user to access
the network, if authentication fails, the authentication server authentication system tells the user
authentication failure, the user can not access the network. Communication between authentication
server and authentication system through EAP extended RADIUS protocol. network provides
authentication and billing system, HyperBoss authentication and billing for users
11.1.2 Brief introduction of protocol package
The 802.1x protocol authentication data transmission on the network flow is EAPOL (EAP
Over LAN) frame format, all the user identity information (including user name and password)
encapsulated in EAP (Extensible Authentication Protocol), EAP encapsulated in EAPOL frames.
The user name exists in the form of plaintext in the EAP, and the password exists in the form of
MD5 encryption in the EAP
The frame format of EAPOL is as follows. PAE Ethernet Type is the Ethernet protocol type
number of EAPOL, and the value is 0x888E. Protocol Version is the EAPOL version number,
which is 1. Packet Type refers to the type of EAPOL frame. Packet Body Length is the length of
the EAPOL frame content. Packet Body refers to the content of the EAPOL frame
EAPOL frame format
switches use three EAPOL protocol frames, respectively
The value of EAPOL-Start:Packet Type is 1, the authentication frame is initiated, and when
the user needs authentication, the frame is first launched, and the client is sent to the switch
The value of EAPOL-Logoff:Packet Type is 2. The request frame is exited and the frame is
notified when the user does not need to use the network
The value of EAP-Packet:Packet Type is 0, and the authentication information frame is used
to bear authentication information

Содержание

Похожие устройства

Скачать
Случайные обсуждения