D-Link DES-7200 Refrigerator User Manual


  Open as PDF
of 1968
 
DES-7200 Configuration Guide Chapter 4 802.1x Configuration
4-4
This is a typical authentication process initiated by users (in some special cases, the switch
can actively initiate authentication request, whose process is the same as that shown in the
diagram, except that it does not contain the step where the user actively initiates the request).
4.1.3 States of Authorized Users
and Unauthorized Users
The 802.1x determines whether the users on the port are allowed to access the network
according to the authentication status of the port. Since we expand the 802.1X based on users,
we determine whether a user is allowed to access network resources according to the
authentication status of that user under a port. All users under an uncontrolled port can use
network resources, while those under a controlled port can access network resources only if
they are authorized. When a user just initiates an authentication request, its status is
unauthorized, in which case it cannot access the network. When the authentication is passed,
its status changes to be authorized, in which case it can use the network resources.
If the workstation does not support 802.1x while the machine is connected with the controlled
port, when the equipment requests the username of the user, the workstation will not respond
to the request due to no support. This means that the user is still unauthorized and cannot
access the network resources.
On the contrary, if the client supports 802.1x, while the connected switch does not: The
EAPOL-START frames from the user are not responded, and the user deems it connected port
as an uncontrolled port and directly uses network resources, when the user fails to receive any
response after it sends the specified number of EAPOL-START frames.
On a 802.1x-enabled device, all ports are uncontrolled ports by default. We can set a port as a
controlled port, to impose authentication over all the users under that port.
When a user has passed authentication (the switch has received success packets from the