802.1X authentication technique for shared media

  • US 7,624,431 B2
  • Filed: 12/04/2003
  • Issued: 11/24/2009
  • Est. Priority Date: 12/04/2003
  • Status: Active Grant
First Claim

1. A method for implementing port-based network access control at a shared media port in an intermediate node, the shared media port being a physical interface coupled to a plurality of client nodes, the method comprising:

    partitioning the shared media port into a plurality of logical subinterfaces, wherein a logical subinterface is a logical division of a physical interface, each logical subinterface dedicated to providing access to a different network or subnetwork accessible through the intermediate node;

    receiving a data packet at the shared media port from a first client node;

    associating the received data packet with a first logical subinterface in the plurality of logical subinterfaces;

    determining whether the first client node is authenticated to communicate over the first logical subinterface's dedicated network or subnetwork;

    if the first client node is determined to be authenticated to communicate over the first logical subinterface's dedicated network or subnetwork, forwarding the received data packet over the first logical subinterface's dedicated network or subnetwork;

    receiving a second data packet at the shared media port from a second client node;

    associating the second received data packet with the first logical subinterface;

    determining whether the second client node is authenticated to communicate over the first logical subinterface's dedicated network or subnetwork; and

    if the second client node is determined to not be authenticated to communicate over the first logical subinterface's dedicated network or subnetwork, preventing the second received data packet from being forwarded over the first logical subinterface's dedicated network or subnetwork, while still allowing data packets from the first client node to be forwarded if the first client node is determined to be authenticated.
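
The forwarding decision in claim 1, modeled as an added example (not code from the patent or its assignee). It assumes a VLAN ID selects the logical subinterface and the source MAC address identifies the client node; authenticate() stands in for a completed 802.1X exchange, and all class and function names are hypothetical. It also shows that a client authenticated on one subinterface is still blocked on another.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Frame:
    src_mac: str           # assumption: client node identified by source MAC
    vlan_id: int           # assumption: VLAN ID selects the logical subinterface
    payload: bytes = b""

@dataclass
class Subinterface:
    network: str                                      # network this subinterface serves
    authenticated: set = field(default_factory=set)   # clients authorized on it
    forwarded: list = field(default_factory=list)     # frames passed to the network

class SharedMediaPort:
    def __init__(self, vlan_to_network):
        # Partition the physical port: one logical subinterface per network.
        self.subifs = {v: Subinterface(n) for v, n in vlan_to_network.items()}

    def authenticate(self, mac, vlan_id):
        # Stand-in for a successful 802.1X exchange for this client on this
        # subinterface; authorization state is kept per (client, subinterface).
        self.subifs[vlan_id].authenticated.add(mac.lower())

    def receive(self, frame):
        # Associate the frame with a subinterface, then check the sender.
        subif = self.subifs.get(frame.vlan_id)
        if subif is None:
            return "drop:no-subinterface"
        if frame.src_mac.lower() not in subif.authenticated:
            return "drop:unauthenticated"   # blocks this client only
        subif.forwarded.append(frame)
        return "forward:" + subif.network

def demo():
    # Constructed sample: two clients on one shared port, two networks.
    port = SharedMediaPort({10: "corp", 20: "guest"})
    first, second = "00:00:5E:00:53:01", "00:00:5e:00:53:02"
    port.authenticate(first, 10)
    return [
        port.receive(Frame(first, 10)),    # authenticated client is forwarded
        port.receive(Frame(second, 10)),   # unauthenticated client is blocked
        port.receive(Frame(first, 10)),    # first client is unaffected by that
        port.receive(Frame(first, 20)),    # no authorization on the other network
        port.receive(Frame(first, 30)),    # no such subinterface on this port
    ]

if __name__ == "__main__":
    print(demo())
```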
