Types Of Eap Authentication - ZyXEL Communications NWA-1100 User Manual

802.11b/g wireless access point

Hide thumbs Also See for NWA-1100:

Manual (250 pages)

User manual (206 pages)

Quick start manual (144 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

Table of Contents

Appendix E Wireless LANs

• Access-Challenge

Sent by a RADIUS server requesting more information in order to allow access.

The access point sends a proper response from the user and then sends another

Access-Request message.

The following types of RADIUS messages are exchanged between the access point

and the RADIUS server for user accounting:

• Accounting-Request

Sent by the access point requesting accounting.

• Accounting-Response

Sent by the RADIUS server to indicate that it has started or stopped accounting.

In order to ensure network security, the access point and the RADIUS server use a

shared secret key, which is a password, they both know. The key is not sent over

the network. In addition to the shared key, password information exchanged is

also encrypted to protect the network from unauthorized access.

Types of EAP Authentication

This section discusses some popular authentication types: EAP-MD5, EAP-TLS,

EAP-TTLS, PEAP and LEAP. Your wireless LAN device may not support all

authentication types.

EAP (Extensible Authentication Protocol) is an authentication protocol that runs on

top of the IEEE 802.1x transport mechanism in order to support multiple types of

user authentication. By using EAP to interact with an EAP-compatible RADIUS

server, an access point helps a wireless station and a RADIUS server perform

authentication.

The type of authentication you use depends on the RADIUS server and an

intermediary AP(s) that supports IEEE 802.1x. .

For EAP-TLS authentication type, you must first have a wired connection to the

network and obtain the certificate(s) from a certificate authority (CA). A certificate

(also called digital IDs) can be used to authenticate users and a CA issues

certificates and guarantees the identity of each certificate owner.

EAP-MD5 (Message-Digest Algorithm 5)

MD5 authentication is the simplest one-way authentication method. The

authentication server sends a challenge to the wireless client. The wireless client

'proves' that it knows the password by encrypting the password with the challenge

and sends back the information. Password is not sent in plain text.

164

ZyXEL NWA-1100 User's Guide

Table of Contents

Types Of Eap Authentication - ZyXEL Communications NWA-1100 User Manual

Types of EAP Authentication

Troubleshooting

Related Manuals for ZyXEL Communications NWA-1100

Related Content for ZyXEL Communications NWA-1100

Table of Contents