Example message sequence – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

802.1X Introduction and Configuration

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

40.5

Example message sequence

The diagram below illustrates an exchange using the EAP-MD5 authentication method,
which is the simplest authentication method supported by 802.1X.

The EAPoL logoff message, of course, is not sent immediately after the other messages in
the diagram, but is sent later on, at the end of the supplicant’s data session, when it wishes
to disconnect from the network.The EAPoL logoff message, of course, is not sent
immediately after the other messages in the diagram, but is sent later on, at the end of the
supplicant’s data session, when it wishes to disconnect from the network.

EAP-Request

6

Radius-Access-Challenge

EAPOL-Start

EAP-Response/Identity (MyID)

EAP-Request/Identity

EAP-Request-Challenge (MD5)

EAP-Response-Challenge (MD5)

EAP-Response-Challenge (MD5)

EAP-Success

EAP-Fail

EAPOL-Logoff

Radius-Access-Request

Radius-Access-Challenge

Radius-Access-Accept

Radius-Access-Reject

Authentication

fail

Authentication

success

Authentication

terminated

Port unauthorized

Port authorized

Port unauthorized

Authentication Server

(RADIUS server)

Authenticator

Supplicant

EAPOL conversation

between supplicant

and switch.

RADIUS conversation

between switch and

RADIUS server.

1

5

4

7

2

10

3

8

6

8

7

Radius-Access-Request

Data Session

9