Nortel Networks 42C4911 Bedienungsanleitung Seite 70
- Seite / 260
- Inhaltsverzeichnis
- FEHLERBEHEBUNG
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Alteon OS Application Guide
70
Chapter 2: Port-based Network Access Control 42C4911, January 2007
EAPoL Message Exchange
During authentication, EAPOL messages are exchanged between the client and the GbESM
authenticator, while RADIUS-EAP messages are exchanged between the GbESM authentica-
tor and the RADIUS server.
Authentication is initiated by one of the following methods:
GbESM authenticator sends an EAP-Request/Identity packet to the client
Client sends an EAPOL-Start frame to the GbESM authenticator, which responds with an
EAP-Request/Identity frame.
The client confirms its identity by sending an EAP-Response/Identity frame to the GbESM
authenticator, which forwards the frame encapsulated in a RADIUS packet to the server.
The RADIUS authentication server chooses an EAP-supported authentication algorithm to
verify the client’s identity, and sends an EAP-Request packet to the client via the GbESM
authenticator. The client then replies to the RADIUS server with an EAP-Response containing
its credentials.
Upon a successful authentication of the client by the server, the 802.1x-controlled port transi-
tions from unauthorized to authorized state, and the client is allowed full access to services
through the controlled port. When the client later sends an EAPOL-Logoff message to the
GbESM authenticator, the port transitions from authorized to unauthorized state.
If a client that does not support 802.1x connects to an 802.1x-controlled port, the GbESM
authenticator requests the client's identity when it detects a change in the operational state of
the port. The client does not respond to the request, and the port remains in the unauthorized
state.
NOTE – When an 802.1x-enabled client connects to a port that is not 802.1x-controlled, the cli-
ent initiates the authentication process by sending an EAPOL-Start frame. When no response is
received, the client retransmits the request for a fixed number of times. If no response is
received, the client assumes the port is in authorized state, and begins sending frames, even if
the port is unauthorized.
- Application Guide 1
- Contents 3
- 4 42C4911, January 2007 4
- 542C4911, January 2007 5
- Part 2: IP Routing 141 6
- 742C4911, January 2007 7
- Fundamentals 215 8
- Part 4: Appendices 243 9
- Alteon OS Application Guide 10
- 10 42C4911, January 2007 10
- 42C4911, January 2007 11 11
- 12 42C4911, January 2007 12
- 42C4911, January 2007 13 13
- 14 42C4911, January 2007 14
- Who Should Use This Guide 15
- Part 1: Basic Switching 16
- Part 4: Appendices 17
- Typographic Conventions 18
- How to Get Help 19
- 22 42C4911, January 2007 22
- Accessing the Switch 23
- Management module setup 24
- Default Gateway 25
- 2742C4911, January 2007 27
- Using Telnet 29
- 3342C4911, January 2007 33
- 3542C4911, January 2007 35
- Using SNMP 36
- Default configuration 37
- User Configuration: 37
- View based Configurations 38
- Configuring SNMP Trap Hosts 39
- 4142C4911, January 2007 41
- Securing Access to the Switch 43
- 4542C4911, January 2007 45
- Switch User Accounts 47
- TACACS+ Authentication 48
- Authorization 49
- Accounting 50
- TACACS+ Password Change 51
- Configuring the LDAP Server 53
- Secure Shell and Secure Copy 55
- To log in to the switch: 57
- 5942C4911, January 2007 59
- SecurID Support 60
- Using SecurID with SSH 60
- Using SecurID with SCP 60
- End User Access Control 61
- Strong Passwords 62
- User Access Control Menu 62
- Enabling or Disabling a User 63
- Listing Current Users 64
- 6542C4911, January 2007 65
- CHAPTER 2 67
- 802.1x Authentication Process 69
- EAPoL Message Exchange 70
- 802.1x Port States 71
- Supported RADIUS Attributes 72
- Configuration Guidelines 73
- CHAPTER 3 75
- VLAN Numbers 77
- PVID Numbers 77
- Viewing and Configuring PVIDs 78
- Chapter 3: VLANs 79
- 7942C4911, January 2007 79
- VLAN Tagging 80
- 8142C4911, January 2007 81
- 8342C4911, January 2007 83
- VLAN configuration rules 84
- 8542C4911, January 2007 85
- Protocol-based VLANs 87
- PVLAN Priority Levels 88
- PVLAN Tagging 88
- Configuring PVLAN 89
- 5. Enable the PVLAN 90
- 9142C4911, January 2007 91
- Ports and Trunking 93
- Aggregate 94
- Statistical Load Distribution 95
- Built-In Fault Tolerance 95
- Port Trunking Example 97
- Trunk 3: Ports 2, 12, and 22 97
- 9942C4911, January 2007 99
- 10142C4911, January 2007 101
- Configuring LACP 103
- Spanning Tree Group 105
- Overview 106
- Bridge Priority 107
- Port Priority 107
- Port Path Cost 108
- Creating a VLAN 108
- Rules for VLAN Tagged ports 109
- Multiple Spanning Trees 110
- BladeCenter 111
- GbE Switch 111
- Module B 111
- 11342C4911, January 2007 113
- Port Fast Forwarding 115
- Fast Uplink Convergence 116
- Spanning Tree Protocol 117
- Rapid Spanning Tree Protocol 118
- Port Type and Link Type 119
- RSTP Configuration Guidelines 119
- RSTP Configuration Example 120
- MSTP Region 121
- Common Internal Spanning Tree 121
- MSTP Configuration Guidelines 122
- MSTP Configuration Example 122
- Quality of Service 123
- Alteon OS Application Guide 125
- 12542C4911, January 2007 125
- Using ACL Filters 126
- 12742C4911, January 2007 127
- Ethernet tagging format 127
- IP format (IPv4, IPv6) 127
- Summary of ACL Actions 128
- Understanding ACL Precedence 128
- Using ACL Groups 129
- ACL Metering and Re-marking 130
- Viewing ACL Statistics 131
- ACL Configuration Examples 132
- Example 3 133
- Per Hop Behavior 134
- 13542C4911, January 2007 135
- QoS Levels 136
- DSCP Re-marking and Mapping 137
- 13942C4911, January 2007 139
- Queuing and Scheduling 140
- Part 2: IP Routing 141
- 142 42C4911, January 2007 142
- Basic IP Routing 143
- IP Routing Benefits 144
- Internet 145
- 14742C4911, January 2007 147
- Example of Subnet Routing 148
- 14942C4911, January 2007 149
- 15142C4911, January 2007 151
- DHCP Relay Agent 153
- Routing Information Protocol 155
- Routing Updates 156
- RIP Features 157
- RIP Configuration Example 158
- 15942C4911, January 2007 159
- CHAPTER 10 161
- IGMP Snooping 162
- Configure IGMP Snooping 163
- Static Multicast Router 164
- IGMP Relay 165
- Configure IGMP Relay 166
- Chapter 10: IGMP 167
- 16742C4911, January 2007 167
- Additional IGMP Features 168
- Configuring the Action 169
- Configure IGMP Filtering 169
- Border Gateway Protocol 171
- Forming BGP Peer Routers 173
- What is a Route Map? 174
- 17542C4911, January 2007 175
- Precedence 176
- Configuration Overview 176
- 17742C4911, January 2007 177
- Aggregating Routes 178
- Redistributing Routes 179
- BGP Attributes 180
- Selecting Route Paths in BGP 181
- BGP Failover Configuration 182
- 18342C4911, January 2007 183
- 18542C4911, January 2007 185
- CHAPTER 12 187
- OSPF Overview 188
- Figure 12-1 OSPF Area Types 189
- OSPF Autonomous System 190
- Neighbors and Adjacencies 191
- The Link-State Database 191
- The Shortest Path First Tree 192
- Configurable Parameters 193
- Defining Areas 194
- 19542C4911, January 2007 195
- Interface Cost 196
- Summarizing Routes 196
- Virtual Links 198
- Router ID 199
- Authentication 199
- Switch 3 200
- Switch 4 200
- 20142C4911, January 2007 201
- Chapter 12: OSPF 203
- 20342C4911, January 2007 203
- OSPF Configuration Examples 204
- Example 1: Simple OSPF Domain 205
- Example 2: Virtual Links 207
- 20942C4911, January 2007 209
- Other Virtual Link Options 210
- Verifying OSPF Configuration 213
- Part 3: High Availability 215
- Fundamentals 215
- 216 42C4911, January 2007 216
- High Availability 217
- Layer 2 Failover 218
- Setting the Failover Limit 219
- Configuring Trunk Failover 223
- VRRP Overview 224
- Virtual Interface Router 225
- VRRP Operation 226
- 22742C4911, January 2007 227
- Active (subnet A and C) 228
- Active (subnet B and D) 228
- Hot-Standby Redundancy 229
- Alteon OS extensions to VRRP 230
- 23142C4911, January 2007 231
- Active-Active Configuration 233
- Task 1: Configure GbESM 1 234
- 5. Configure ports 235
- Task 2: Configure GbESM 2 236
- Hot-Standby Configuration 238
- Server 2 239
- Server 1 239
- 244 42C4911, January 2007 244
- Troubleshooting 245
- Monitoring port 246
- Mirrored ports 246
- Port Mirroring behavior 247
- Layer 3 Port Mirroring 248
- 24942C4911, January 2007 249
- Configuring Port Mirroring 251
- APPENDIX B 253
- Glossary 255
- 25942C4911, January 2007 259
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.230 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern