设为首页收藏本站language 语言切换
查看: 1844|回复: 4
收起左侧

802.1x EAP认证过程

[复制链接]
发表于 2014-5-8 17:22:41 | 显示全部楼层 |阅读模式
1.当用户有上网需求时打开802.1X客户端程序,输入用户名和口令,发起连接请求。此时客户端程序将发出请求认证的报文给交换机,启动一次认证过程。
如下:
Frame 90 (64 bytes on wire, 64 bytes captured)
    Arrival Time: Nov 27, 2006 16:27:33.446030000
    Time delta from previous packet: 3.105345000 seconds
    Time since reference or first frame: 5.082965000 seconds
    Frame Number: 90
    Packet Length: 64 bytes
    Capture Length: 64 bytes
Ethernet II, Src: 00:e0:4c:d7:65:cd, Dst: 01:80:c2:00:00:03
    Destination: 01:80:c2:00:00:03 (Spanning-tree-(for-bridges)_03)
    Source: 00:e0:4c:d7:65:cd (RealtekS_d7:65:cd)
    Type: 802.1X Authentication (0x888e)
    Trailer: A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5...
    Frame check sequence: 0xa5a5a5a5 (incorrect, should be 0xcc6d5b40)
802.1x Authentication
    Version: 1
    Type: Start (1)
    Length: 0

2.交换机在收到请求认证的数据帧后,将发出一个EAP-Request/Identitybaowe请求帧要求客户端程序发送用户输入的用户名

Frame 91 (64 bytes on wire, 64 bytes captured)
    Arrival Time: Nov 27, 2006 16:27:33.447236000
    Time delta from previous packet: 0.001206000 seconds
    Time since reference or first frame: 5.084171000 seconds
    Frame Number: 91
    Packet Length: 64 bytes
    Capture Length: 64 bytes
Ethernet II, Src: 00:03:0f:01:3a:5a, Dst: 00:e0:4c:d7:65:cd
    Destination: 00:e0:4c:d7:65:cd (RealtekS_d7:65:cd)
    Source: 00:03:0f:01:3a:5a (DigitalC_01:3a:5a)
    Type: 802.1X Authentication (0x888e)
    Trailer: A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5...
    Frame check sequence: 0xa5a5a5a5 (incorrect, should be 0x7d263869)
802.1x Authentication
    Version: 1
    Type: EAP Packet (0)
    Length: 5
    Extensible Authentication Protocol
        Code: Request (1)
        Id: 1
        Length: 5
        Type: Identity [RFC3748] (1)

3.客户端程序响应交换机的请求,将包含用户名信息的一个EAP-Response/Identity送给交换机,交换机将客户端送来的数据帧经过封包处理后生成RADIUS Access-Request报文送给认证服务器进行处理。
Frame 148 (77 bytes on wire, 77 bytes captured)
    Arrival Time: Nov 27, 2006 16:27:36.446199000
    Time delta from previous packet: 2.998963000 seconds
    Time since reference or first frame: 8.083134000 seconds
    Frame Number: 148
    Packet Length: 77 bytes
    Capture Length: 77 bytes
Ethernet II, Src: 00:e0:4c:d7:65:cd, Dst: 01:80:c2:00:00:03
    Destination: 01:80:c2:00:00:03 (Spanning-tree-(for-bridges)_03)
    Source: 00:e0:4c:d7:65:cd (RealtekS_d7:65:cd)
    Type: 802.1X Authentication (0x888e)
802.1x Authentication
    Version: 1
    Type: EAP Packet (0)
    Length: 59
    Extensible Authentication Protocol
        Code: Response (2)
        Id: 1
        Length: 13
        Type: Identity [RFC3748] (1)
        
Identity (8 bytes): 03051020


发表于 2014-12-24 17:40:37 | 显示全部楼层
Thanks for your information.
板凳 2014-12-24 17:40:37 回复 收起回复
回复 支持 反对

使用道具 举报

发表于 2017-12-11 19:15:55 | 显示全部楼层
thank u , usefull
地板 2017-12-11 19:15:55 回复 收起回复
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 论坛注册

本版积分规则

QQ|Archiver|手机版|小黑屋|sitemap|鸿鹄论坛 ( 京ICP备14027439号 )  

GMT+8, 2025-4-6 02:29 , Processed in 0.063037 second(s), 24 queries , Redis On.  

  Powered by Discuz!

  © 2001-2025 HH010.COM

快速回复 返回顶部 返回列表