1-11 802.1x ConfigurationIntroduction to 802.1xThe 802.1x protocol (802.1x for short) was developed by IEEE802 LAN/WAN committee to addresssecurity issues of wireless LANs. It was then used in Ethernet as a common access control mechanismfor LAN ports to address mainly authentication and security problems.802.1x is a port-based network access control protocol. It authenticates and controls devicesrequesting for access in terms of the ports of LAN access devices. With the 802.1x protocol employed,a user-side device can access the LAN only when it passes the authentication. Those fail to pass theauthentication are denied when accessing the LAN.Architecture of 802.1x AuthenticationAs shown in Figure 1-1, 802.1x adopts a client/server architecture with three entities: a supplicantsystem, an authenticator system, and an authentication server system.Figure 1-1 Architecture of 802.1x authenticationz The supplicant system is an entity residing at one end of a LAN segment and is authenticated bythe authenticator system at the other end of the LAN segment. The supplicant system is usually auser terminal device. An 802.1x authentication is triggered when a user launches client program onthe supplicant system. Note that the client program must support the extensible authenticationprotocol over LAN (EAPoL).z The authenticator system is another entity residing at one end of a LAN segment. It authenticatesthe connected supplicant systems. The authenticator system is usually an 802.1x-supportednetwork device (such as an H3C series switch). It provides the port (physical or logical) for thesupplicant system to access the LAN.z The authentication server system is an entity that provides authentication service to theauthenticator system. Normally in the form of a RADIUS server, the authentication server systemserves to perform AAA (authentication, authorization, and accounting) services to users. It also