Control direction, Eap over lan, Eapol packet format – H3C Technologies H3C S5120 Series Switches User Manual

1-3

Figure 1-2 Authorized/unauthorized status of a controlled port

You can set the authorization mode of a specified port to control the port authorization status. The

authorization modes include:

z

authorized-force: Places the port in the authorized state, allowing users on the port to access the

network without authentication.

z

unauthorized-force: Places the port in the unauthorized state, denying any access requests from

users on the port.

z

auto: Places the port in the unauthorized state initially to allow only EAPOL packets to pass, and

turns the port into the authorized state to allow access to the network after the users pass

authentication. This is the most common choice.

Control direction

In the unauthorized state, the controlled port can be set to deny traffic to and from the client or just the

traffic from the client.

Currently, your device can only be set to deny traffic from the client.

EAP over LAN

EAPOL packet format

EAPOL, defined in 802.1X, is intended to carry EAP protocol packets between clients and devices over

LANs.

Figure 1-3

shows the EAPOL packet format.