Radius Operation - Allen-Bradley Stratix 5100 User Manual

Wireless access point/workgroup bridge

RADIUS Operation

When a wireless user attempts to log in and authenticate to an access point whose
access is controlled by a RADIUS server, authentication to the network occurs in
the steps shown in this figure.
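Figure 109 - Sequence for EAP Authentication

Participants: client device, access point or bridge, wired LAN, RADIUS server.
The access point or bridge relays each message from step 3 onward.

1. Authentication request (client device to access point)
2. Identity request (access point to client device)
3. Username (client device, relayed to server)
4. Authentication challenge (RADIUS server, relayed to client)
5. Authentication response (client device, relayed to server)
6. Authentication success (RADIUS server, relayed to client)
7. Authentication challenge (client device, relayed to server)
8. Authentication response (RADIUS server, relayed to client)
9. Successful authentication (client device, relayed to server)
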
In Steps 1...9, a wireless client device and a RADIUS server on the wired LAN
use 802.1x and EAP to perform a mutual authentication through the access
point. The RADIUS server sends an authentication challenge to the client. The
client uses a one-way encryption of the user-supplied password to generate a
response to the challenge and sends that response to the RADIUS server.

By using information from its user database, the RADIUS server creates its own
response and compares that to the response from the client. When the RADIUS
server authenticates the client, the process repeats in reverse, and the client
authenticates the RADIUS server.

When mutual authentication is complete, the RADIUS server and the client
determine a WEP key that is unique to the client and provides the client with the
appropriate level of network access, thereby approximating the level of security in
a wired switched segment to an individual desktop. The client loads this key and
prepares to use it for the logon session.

During the logon session, the RADIUS server encrypts and sends the WEP key,
called a session key, over the wired LAN to the access point. The access point
encrypts its broadcast key with the session key and sends the encrypted broadcast
key to the client, which uses the session key to decrypt it. The client and access
point activate WEP and use the session and broadcast WEP keys for all
communication during the remainder of the session.
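
A simplified model of steps 4 through 9, added here as an example and not taken from the manual or the access point firmware. HMAC-SHA-256 stands in for the EAP method's actual challenge-response algorithm, and the function names, direction labels and sample passwords are assumptions constructed for illustration. It shows why the reverse pass matters: a server that does not hold the user's credential fails step 8 even if it accepts whatever the client sends.

```python
import hashlib
import hmac
import secrets

def one_way(password: str) -> bytes:
    # Stand-in for the "one-way encryption" of the password (assumption: SHA-256).
    return hashlib.sha256(password.encode()).digest()

def response(secret: bytes, challenge: bytes, direction: bytes) -> bytes:
    # The direction label stops a response being replayed in the opposite pass.
    return hmac.new(secret, direction + challenge, hashlib.sha256).digest()

def session_key(secret: bytes, server_chal: bytes, client_chal: bytes) -> bytes:
    # Both challenges feed the key, so each logon session gets a fresh key.
    return hmac.new(secret, b"session" + server_chal + client_chal, hashlib.sha256).digest()

def eap_exchange(typed_password: str, server_secret: bytes, server_checks_client: bool = True):
    """Simulate steps 4-9; return (outcome, client_key, server_key)."""
    client_secret = one_way(typed_password)

    # Steps 4-6: the server challenges the client and compares the two responses.
    server_chal = secrets.token_bytes(16)
    client_resp = response(client_secret, server_chal, b"to-server")
    expected = response(server_secret, server_chal, b"to-server")
    if server_checks_client and not hmac.compare_digest(client_resp, expected):
        return "client rejected by server", None, None

    # Steps 7-9: the process repeats in reverse; the client challenges the server.
    client_chal = secrets.token_bytes(16)
    server_resp = response(server_secret, client_chal, b"to-client")
    expected = response(client_secret, client_chal, b"to-client")
    if not hmac.compare_digest(server_resp, expected):
        return "server rejected by client", None, None

    # Each side derives the session key from its own copy of the secret.
    return ("mutual authentication complete",
            session_key(client_secret, server_chal, client_chal),
            session_key(server_secret, server_chal, client_chal))

if __name__ == "__main__":
    db_entry = one_way("constructed-sample-password")  # constructed user database entry
    print(eap_exchange("constructed-sample-password", db_entry)[0])
    print(eap_exchange("wrong-password", db_entry)[0])
    # A server with no valid database entry that accepts any client response:
    print(eap_exchange("constructed-sample-password", one_way("guess"), False)[0])
```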

Rockwell Automation Publication 1783-UM006A-EN-P - May 2014
Chapter 14 - Configuring RADIUS and TACACS+ Servers

This manual is also suitable for:

1783-wapak9, 1783-wapek9, 1783-wapck9, 1783-wapzk9