摘要
提出了一套完整的基于纯IPv6环境的802.1x认证解决方案.在适应IPv6无状态地址自动配置新特性的基础上,通过改进802.1x认证流程,使认证服务器可以主动获得节点用户的全局IPv6地址,为后继的用户管理奠定基础.其次,改进了802.1x的"认证之后不管"的管理缺陷,由在线检测服务器监控IPv6在线用户的行为,对非法行为和异常下线的用户,通过SNMP向接入交换机发送"强制下线"指令实现主动管理.
This paper proposes a complete set of 802.1x authentication solutions based on pure IPv6. First ,by improving the 802.1x authentication process based on IPv6 stateless address auto-configuration, authentication server can take the initiative to access the global IPv6 address of the node and lay the foundation for subsequent user management; second ,the management deficiencies of 802.1x which never manage the users who have passed the authentication is improved, the backstage server monitors IPv6 user behavior and drive the switch to force the illegal users or exception offline users to log out through SNMP orders. This mechanism doesn't depend on the client ,so it can strengthen the advantage of active management.
出处
《新疆大学学报(自然科学版)》
CAS
2013年第2期207-210,共4页
Journal of Xinjiang University(Natural Science Edition)
