Cisco CISCO1401 Software Guide - Page 123
EAP Authentication to the Network
![]() |
UPC - 746320202785
View all Cisco CISCO1401 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 123 highlights
Chapter 10 Configuring Authentication Types Understanding Authentication Types intruder who calculates the WEP key by comparing the unencrypted and encrypted text strings. Because of this weakness, shared key authentication can be less secure than open authentication. Like open authentication, shared key authentication does not rely on a RADIUS server on your network. Figure 10-2 shows the authentication sequence between a device trying to authenticate and an bridge using shared key authentication. In this example the device's WEP key matches the bridge's key, so it can authenticate and communicate. Figure 10-2 Sequence for Shared Key Authentication Switch on LAN 1 Non-Root Bridge with WEP key = 123 Root Bridge with WEP key = 123 1. Authentication request 2. Unencrypted challenge 3. Encrypted challenge response 4. Authentication response Switch on LAN 2 88903 EAP Authentication to the Network This authentication type provides the highest level of security for your wireless network. By using the Extensible Authentication Protocol (EAP) to interact with an EAP-compatible RADIUS server, the root bridge helps another bridge and the RADIUS server to perform mutual authentication and derive a dynamic unicast WEP key. The RADIUS server sends the WEP key to the root bridge, which uses it for all unicast data signals that it sends to or receives from the non-root bridge. The root bridge also encrypts its broadcast WEP key (entered in the bridge's WEP key slot 1) with the non-root bridge's unicast key and sends it to the non-root bridge. OL-4059-01 Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide 10-3
![](/manual_guide/products/cisco-cisco1401-software-guide-337473e/123.png)