Appendix E Wireless LANs
Types of RADIUS Messages
The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user authentication:
•
Sent by an access point requesting authentication.
•
Sent by a RADIUS server rejecting access.
•
Sent by a RADIUS server allowing access.
•
Sent by a RADIUS server requesting more information in order to allow access. The access point sends a proper response from the user and then sends another
The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user accounting:
•
Sent by the access point requesting accounting.
•
Sent by the RADIUS server to indicate that it has started or stopped accounting.
In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password, they both know. The key is not sent over the network. In addition to the shared key, password information exchanged is also encrypted to protect the network from unauthorized access.
Types of EAP Authentication
This section discusses some popular authentication types:
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE 802.1x transport mechanism in order to support multiple types of user authentication. By using EAP to interact with an
The type of authentication you use depends on the RADIUS server and an intermediary AP(s) that supports IEEE 802.1x.
For
MD5 authentication is the simplest
184 |
|
NWA1000 Series User’s Guide | |
|
|