Cisco WAP200 Administration Guide - Page 41

Chapter 2 How it works Chapter 2 MAC + 802.1x Not Mandatory MAC + 802.1x Mandatory Failure - No Failure Success Yes Failure Failure No Success Failure No Success - Yes Success Success Yes Failure - No Failure Success Yes Failure Failure No Success Failure No Success - No Success Success Yes Example A MAC and 802.1x enabled, mandatory 802.1x authentication option disabled Wireless clients are automatically authenticated by their MAC address. • If MAC authentication succeeds, the client gains access. Next the client station can initiate an 802.1x session, causing 802.1x authentication to take place. The result of this authentication then takes precedence over the MAC authentication result. • If MAC authentication fails, the client does not gain access but can still initiate an 802.1x session, causing 802.1x authentication to take place. If the result of this authentication is successful, then the client gains access. Example B MAC and 802.1x enabled, mandatory 802.1x authentication option enabled Wireless clients are automatically authenticated by their MAC address. If MAC authentication succeeds they do not gain access until 802.1x authentication is successful. Example C MAC disabled and 802.1x enabled, mandatory 802.1x authentication option disabled Wireless clients automatically gain access to the network with no authentication required. If the client starts an 802.1x session, authentication to take place. If the result of this authentication is failure, then the client looses access to the network. Example D MAC disabled and 802.1x enabled, mandatory 802.1x authentication option enabled Wireless clients only gain access to the network after successfully starting being authenticated via an 802.1x session. 41