Table of Contents
Advertisement
Authentication Types
Figure 0-2
Switch on
LAN 1
EAP Authentication to the Network
EAP authentication to the network provides the highest level of security for a wireless network. By using
the Extensible Authentication Protocol (EAP) to interact with an EAP-compatible RADIUS server, the
root device helps the authenticating device and the RADIUS server perform mutual authentication and
derive a dynamic session key, which the root device and the authenticating device use to further derive
the unicast key. The root generates the broadcast key and sends it to the authenticating device after
encrypting it with unicast key. The unicast key is used to exchange unicast data between the root device
and authenticated device, and the broadcast key is used to exchange multicast and broadcast data
between them.
When you enable EAP on your bridges, authentication to the network occurs in the sequence shown in
Figure
Sequence for Shared Key Authentication
Non-Root Bridge
with
WEP key = 123
1. Authentication request
2. Unencrypted challenge
3. Encrypted challenge response
4. Authentication response
0-3.
Root Bridge
with
WEP key = 123
Cisco 3200 Series Wireless MIC Software Configuration Guide
Understanding Authentication Types
Switch on
LAN 2
3
Hide quick links:
Advertisement
Table of Contents
