Administrator Guide

802.1X

802.1X is a port-based Network Access Control (PNAC) that provides an authentication mechanism to devices wishing to attach to a LAN

or WLAN. A device connected to a port that is enabled with 802.1X is disallowed from sending or receiving packets on the network until its

identity is verified (through a username and password, for example).

802.1X employs Extensible Authentication Protocol (EAP) to transfer a device’s credentials to an authentication server (typically RADIUS)

using a mandatory intermediary network access device, in this case, a Dell EMC Networking switch. The network access device mediates

all communication between the end-user device and the authentication server so that the network remains secure. The network access

device uses EAP-over-Ethernet (EAPOL) to communicate with the end-user device and EAP-over-RADIUS to communicate with the

server.

NOTE: The Dell EMC Networking Operating System (OS) supports 802.1X with EAP-MD5, EAP-OTP, EAP-TLS, EAP-

TTLS, PEAPv0, PEAPv1, and MS-CHAPv2 with PEAP.

The following figures show how the EAP frames are encapsulated in Ethernet and RADIUS frames.

Figure 3. EAP Frames Encapsulated in Ethernet and RADUIS

Figure 4. EAP Frames Encapsulated in Ethernet and RADUIS

The authentication process involves three devices:

802.1X 79