All contents copyright (c) 2011 ZyXEL Communications Corporation.
81
Electronics Engineers) standard, which specifies a standard mechanism for
authenticating, at the link layer (Layer 2), users' access to IEEE 802 networks such as
Ethernet (IEEE 802.3) and Wireless LAN (IEEE 802.11). For IEEE 802.11 WLAN, IEEE
802.1x authentication can be based on username/password or digital certificate.
What is the difference between No authentication
required, No access allowed and Authentication
required?
No authentication required—disables 802.1X and causes the port to transition to the
authorized state without any authentication exchange required. The port transmits
and receives normal traffic without 802.1X-based authentication of the client.
No access allowed—causes the port to remain in the unauthorized state, ignoring all
attempts by the client to authenticate. The switch cannot provide authentication
services to the client through the interface.
Authentication required—enables 802.1X and causes the port to begin in the
unauthorized state, allowing only EAPOL frames to be sent and received through the
port. The authentication process begins when the link state of the port transitions
from down to up, or when an EAPOL-start frame is received. The switch requests the
identity of the client and begins relaying authentication messages between the client
and the authentication server. Each client attempting to access the network is
uniquely identified by the switch by using the client's MAC address.
What is AAA?
AAA is the acronym for Authentication, Authorization, and Accounting and refers to
the idea of managing subscribers by controlling their access to the network, verifying
that they are who they say they are (via login name and password or MAC address)
and accounting for their network usage.