Cisco AIR-LAP1252AG-A-K9 Software Configuration Guide - Page 123
Sequence for EAP Authentication - aironet authentication process
UPC - 882658140716
View all Cisco AIR-LAP1252AG-A-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 123 highlights
Chapter 4 Security Setup Security Overview When you enable EAP on your access points and client devices, authentication to the network occurs in the steps shown in Figure 4-2: Figure 4-2 Sequence for EAP Authentication Wired LAN Client device Access point or bridge Server 1. Authentication request 2. Identity request 3. Username and password (relay to client) 5. Authentication response (relay to client) 7. Authentication challenge (relay to client) 9. Successful authentication (relay to server) 4. Authentication challenge (relay to server) 6. Authentication success (relay to server) 8. Authentication response (relay to server) 65583 In steps 1 through 9 in Figure 4-2, a wireless client device and a RADIUS server on the wired LAN use 802.1x and EAP to perform a mutual authentication through the access point. The RADIUS server sends an authentication challenge to the client. The client uses a one-way encryption of the user-supplied password to generate a response to the challenge and sends that response to the RADIUS server. Using information from its user database, the RADIUS server creates its own response and compares that to the response from the client. When the RADIUS server authenticates the client, the process repeats in reverse, and the client authenticates the RADIUS server. OL-2159-03 Cisco Aironet 1200 Series Access Point Software Configuration Guide 4-5