Administrator Guide
5
802.1X
802.1X is a method of port security.
A device connected to a port that is enabled with 802.1X is disallowed from sending or receiving packets on the network until its
identity can be veried (through a username and password, for example). This feature is named for its IEEE specication.
802.1X employs extensible authentication protocol (EAP) to transfer a device’s credentials to an authentication server (typically
RADIUS) using a mandatory intermediary network access device, in this case, a Dell Networking switch. The network access device
mediates all communication between the end-user device and the authentication server so that the network remains secure. The
network access device uses EAP-over-Ethernet (EAPOL) to communicate with the end-user device and EAP-over-RADIUS to
communicate with the server.
NOTE: The Dell Networking operating system supports 802.1X with EAP-MD5, EAP-OTP, EAP-TLS, EAP-TTLS, PEAPv0,
PEAPv1, and MS-CHAPv2 with PEAP.
The following gures show how the EAP frames are encapsulated in Ethernet and RADIUS frames.
Figure 1. EAP Frames Encapsulated in Ethernet and RADUIS
802.1X
75