ZyXEL Communications Prestige 320W Support Notes page 39

P320W Support Notes
The device (i.e. RADIUS server) provides an authentication service to an authenticator. This service
determines, from the credentials provided by the supplicant, whether the supplicant is authorized to
access the services provided by the authenticator. The authentication server performs the actual
authentication of the client. It validates the identity of the supplicant. Because the authenticator acts as the
proxy, the authentication service is transparent to the supplicant.
Authentication Port State and Authentication Control
The port state determines whether or not the supplicant (Wireless Client) is granted access to the network
behind Wireless AP. There are two authentication port state on the AP, authorized state and
unauthorized state.
By default, the port starts in the unauthorized state. While in this state, the port disallows all incoming and
outgoing data traffic except for 802.1x packets. When a supplicant is successfully authenticated, the port
transitions to the authorized state, allowing all traffic for the client to flow normally. If a client that does
not support 802.1x is connected to an unauthorized 802.1x port, the authenticator requests the client's
identity. In this situation, the client does not respond to the 802.1x request, the port remains in the
unauthorized state, and the client is not granted access to the network.
When 802.1x is enabled, the authenticator controls the port authorization state by using the following
control parameters. The following three authentication control parameter are applied in Wireless AP.
39
All contents copyright (c) 2005 ZyXEL Communications Corporation.