Overview; Radius - ZyXEL Communications ZyWALL 5 User Manual

6.7 802.1x Overview
The IEEE 802.1x standard outlines enhanced security methods for both the authentication of wireless
stations and encryption key management. Authentication can be done using the local user database
internal to the ZyWALL (authenticate up to 32 users) or an external RADIUS server for an unlimited
number of users.
6.8

RADIUS

RADIUS is based on a client-sever model that supports authentication and accounting, where access
point is the client and the server is the RADIUS server. The RADIUS server handles the following
tasks among others:
•
Authentication
Determines the identity of the users.
•
Accounting
Keeps track of the client's network activity.
RADIUS user is a simple package exchange in which your ZyWALL acts as a message relay between
the wireless station and the network RADIUS server.
Types of RADIUS Messages
The following types of RADIUS messages are exchanged between the access point and the RADIUS
server for user authentication:
•
Access-Request
Sent by an access point requesting authentication.
•
Access-Reject
Sent by a RADIUS server rejecting access.
•
Access-Accept
Sent by a RADIUS server allowing access.
•
Access-Challenge
Sent by a RADIUS server requesting more information in order to allow access. The access
point sends a proper response from the user and then sends another Access-Request message.
The following types of RADIUS messages are exchanged between the access point and the RADIUS
server for user accounting:
•
Accounting-Request
Sent by the access point requesting accounting.
•
Accounting-Response
Sent by the RADIUS server to indicate that it has started or stopped accounting.
Wireless LAN and Authentication Server
ZyWALL 5 Internet Security Appliance
6-7