7 the extension and optimization of 802.1x – PLANET WGSW-50040 User Manual

25-11

Figure

25-12 the Authentication Flow of 802.1x EAP Termination Mode

25.1.7 The Extension and Optimization of 802.1x

Besides supporting the port- based access authentication method specified by the protocol, devices also

extend and optimize it when implementing the EAP relay mode and EAP termination mode of 802.1x.



Supports some applications in the case of which one physical port can have more than one users



There are three access control methods (the methods to authenticate users): port-based, MAC-based

and user-based (IP address+ MAC address+ port).

 When the port-based method is used, as long as the first user of this port passes the authentication,

all the other users can access the network resources without being authenticated. However, once

the first user is offline, the network won’t be available to all the other users.

 When the MAC-based method is used, all the users accessing a port should be authenticated

separately, only those pass the authentication can access the network, while the others can not.

When one user becomes offline, the other users will not be affected.

 When the user-based (IP address+ MAC address+ port) method is used, all users can access

limited resources before being authenticated. There are two kinds of control in this method: standard

control and advanced control. The user-based standard control will not restrict the access to limited

resources, which means all users of this port can access limited resources before being