User Manual for the NETGEAR RangeMax™ Wireless USB 2.0 Adapter WPN111
The AP sends Beacon Frames with WPA information element to the stations in the service set. Information elements include the required authentication method (802.1x or
1.Initial 802.1x communications begin with an unauthenticated supplicant (i.e., client device) attempting to connect with an authenticator (i.e., 802.11 access point). The client sends an
2.The access point replies with an
3.The client sends an
4.The authentication server uses a specific authentication algorithm to verify the client's identity. This could be through the use of digital certificates or some other EAP authentication type.
5.The authentication server will either send an accept or reject message to the access point.
6.The access point sends an
7.If the authentication server accepts the client, then the access point will transition the client's port to an authorized state and forward additional traffic.
The important part to know at this point is that the software supporting the specific EAP type resides on the authentication server and within the operating system or application “supplicant” software on the client devices. The access point acts as a “pass through” for 802.1x messages, which means that you can specify any EAP type without needing to upgrade an
IEEE 802.1x offers an effective framework for authenticating and controlling user traffic to a protected network, as well as providing a vehicle for dynamically varying data encryption keys via EAP from a RADIUS server, for example. This framework enables using a central authentication server, which employs mutual authentication so that a rogue wireless user does not join the network.
It's important to note that 802.1x doesn't provide the actual authentication mechanisms. When using 802.1x, the EAP type, such as Transport Layer Security
B | W ire le ss N e tworkin g B a sics |