3com 8807 참조 가이드

System view

chap: Uses CHAP authentication method.

pap: Uses PAP authentication method.

eap: Uses EAP authentication method. By now, only MD5 encryption method is 
available.

md5-challenge: EAP MD5-Challenge authentication method

peap: EAP PEAP authentication method

tls: EAP TLS authentication method

Use the dot1x authentication-method command to configure the 
authentication method for 802.1x user.

Use the undo dot1x authentication-method command to restore the default 
authentication method of 802.1x user.

By default, CHAP authentication is used for 802.1x user authentication.

Password Authentication Protocol (PAP) is a kind of authentication protocol with 
two handshakes. It sends password in the form of simple text.

Challenge Handshake Authentication Protocol (CHAP) is a kind of authentication 
protocol with three handshakes. It only transmits username but not password. 
CHAP is more secure and reliable.

In the process of EAP authentication, switch directly sends authentication 
information of 802.1x user to RADIUS server in the form of EAP packet. It is not 
necessary to transfer the EAP packet to standard RADIUS packet first and then 
send it to RADIUS server.

Please note: To realize PAP, CHAP or EAP authentication, RADIUS server should 
support PAP, CHAP or EAP authentication respectively.

Related command: display dot1x.

# Configure 802.1x user to use PAP authentication

[SW8800] dot1x authentication-method pap