3com S7906E Instruccion De Instalación

 

1-5 

packet is for querying the identity of the client. A value of 4 represents MD5-Challenge, which 

corresponds closely to the PPP CHAP protocol. 

Figure 1-5 Format of the Data field in an EAP request/response packet 

 

 

z 

Identifier: Used to match request and response messages. 

z 

Length: Length of the EAP packet, including the Code, Identifier, Length, and Data fields, in bytes. 

z 

Data: Content of the EAP packet. This field is zero or more bytes and its format is determined by 

the Code field. 

Two attributes of RADIUS are intended for supporting EAP authentication: EAP-Message and 

Message-Authenticator. For information about RADIUS packet format, refer to AAA Configuration in the 

Security Volume. 

The EAP-Message attribute is used to encapsulate EAP packets. 

 shows its encapsulation 

format. The value of the Type field is 79. The String field can be up to 253 bytes. If the EAP packet is 

longer than 253 bytes, it can be fragmented and encapsulated into multiple EAP-Message attributes. 

Figure 1-6 Encapsulation format of the EAP-Message attribute 

 

 

 shows the encapsulation format of the Message-Authenticator attribute. The 

Message-Authenticator attribute is used to prevent access requests from being snooped during EAP 

authentication. It must be included in any packet with the EAP-Message attribute; otherwise, the packet 

will be considered invalid and get discarded. 

Figure 1-7 Encapsulation format of the Message-Authenticator attribute 

 

 

802.1X authentication can be initiated by either a client or the device.