HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 464
as defined in the, 1X standard, Authentication Server, Authenticator, CHAP MD5, Client
View all HP 6120XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 464 highlights
Configuring Port-Based and User-Based Access Control (802.1X) Terminology a port loses its authenticated client connection, it drops its membership in this VLAN. Note that with multiple clients on a port, all such clients use the same untagged, port-based VLAN membership. Authentication Server: The entity providing an authentication service to the switch when the switch is configured to operate as an authenticator. In the case of a switch running 802.1X, this is a RADIUS server (unless local authentication is used, in which case the switch performs this function using its own username and password for authenticating a supplicant). Authenticator: In ProCurve applications, a switch that requires a supplicant to provide the proper credentials before being allowed access to the network. CHAP (MD5): Challenge Handshake Authentication Protocol. Client: In this application, an end-node device such as a management station, workstation, or mobile PC linked to the switch through a point-to-point LAN link. User-Based Authentication: The 802.1X extension in the switches covered in this guide. In this operation, multiple clients on the same port must individually authenticate themselves. Guest VLAN: See "Unauthorized-Client VLAN". EAP (Extensible Authentication Protocol): EAP enables network access that supports multiple authentication methods. EAPOL: Extensible Authentication Protocol Over LAN, as defined in the 802.1X standard. Friendly Client: A client that does not pose a security risk if given access to the switch and your network. MD5: An algorithm for calculating a unique digital signature over a stream of bytes. It is used by CHAP to perform authentication without revealing the shared secret (password). PVID (Port VID): This is the VLAN ID for the untagged VLAN to which an 802.1X port belongs. Port-Based Authentication: In this operation, the first client on a port to authenticate itself unblocks the port for the duration of the client's 802.1X authenticated session. The switches covered in this guide use port-based authentication. 12-8