Table of Contents
Advertisement
ZyXEL G-560 User's Guide
•
Accounting-Response
Sent by the RADIUS server to indicate that it has started or stopped accounting.
In order to ensure network security, the access point and the RADIUS server use a shared secret key, which
is a password, they both know. The key is not sent over the network. In addition to the shared key, password
information exchanged is also encrypted to protect the wired network from unauthorized access.
6.7.1 EAP Authentication Overview
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE802.1x
transport mechanism in order to support multiple types of user authentication. By using EAP to interact with
an EAP-compatible RADIUS server, the access point helps a wireless station and a RADIUS server perform
authentication.
The type of authentication you use depends on the RADIUS server or the AP. The G-560 supports EAP-TLS,
EAP-TTLS and PEAP with RADIUS. Refer to the Types of EAP Authentication appendix for descriptions on
the common types.
The following figure shows an overview of authentication when you specify a RADIUS server on your
access point.
The details below provide a general description of how IEEE 802.1x EAP authentication works.
•
The wireless station sends a "start" message to the G-560.
•
The G-560 sends a "request identity" message to the wireless station for identity information.
•
The wireless station replies with identity information, including username and password.
•
The RADIUS server checks the user information against its user profile database and determines
whether or not to authenticate the wireless station.
6-12
Figure 6-8 EAP Authentication
Wireless Screens
- Quick Links:
- Resetting the G-560
Hide quick links:
Advertisement
Table of Contents
