35 802.1x, Overview, Architecture of 802.1x – H3C Technologies H3C WX6000 Series Access Controllers User Manual

35-1

35

802.1X

The sample output in this manual was created on the WX5004. The output on your device may

vary.

The grayed out functions or parameters on the Web interface indicate that they are not supported

or cannot be modified.

The models listed in this manual are not applicable to all regions. Please consult your local sales

office for the models applicable to your region.

Overview

The 802.1X protocol was proposed by the IEEE 802 LAN/WAN committee for security of wireless LANs

(WLAN).It has been widely used on Ethernet as a common port access control mechanism.

As a port-based access control protocol, 802.1X authenticates and controls accessing devices at the

port level. A device connected to an 802.1X-enabled port of an access control device can access the

resources on the LAN only after passing authentication.

Architecture of 802.1X

802.1X operates in the typical client/server model and defines three entities: Client, Device, and Server,

as shown in

Figure 35-1

.

Figure 35-1 Architecture of 802.1X

Client is an entity seeking access to the LAN. It resides at one end of a LAN segment and is

authenticated by Device at the other end of the LAN segment. Client is usually a user-end device

such as a PC. 802.1X authentication is triggered when an 802.1X-capable client program is

launched on Client. The client program must support Extensible Authentication Protocol over LAN

(EAPOL).

Device, residing at the other end of the LAN segment, authenticates connected clients. Device is

usually an 802.1X-enabled network device and provides access ports (physical or logical) for

clients to access the LAN.