Manualshelf

R3303-HP HSR6800 Routers Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution
919293949596979899100
78
A comparison of EAP relay and EAP termination
Packet exchan
g
e method Benefits
Limitations
EAP relay
Supports various EAP
authentication methods.
The configuration and processing is
simple on the network access
device.
The RADIUS server must support the
EAP-Message and
Message-Authenticator attributes,
and the EAP authentication method
used by the client.
EAP termination
Works with any RADIUS server that
supports PAP or CHAP authentication.
Supports only MD5-Challenge
EAP authentication and the
"username + password" EAP
authentication initiated by an HP
iNode 802.1X client.
The processing is complex on the
network access device.
EAP relay
Figure 35 shows the basic 802.1X authentication procedure in EAP relay mode, assuming that EAP-MD5
is used.