EAP Authentication Process

Unanswered Question
Apr 19th, 2008

Hi all ,

This is my first post.

I am a newbie in this feild with a vague idea about EAP.I wanted to understand the EAP authentication process.Let me explain EAp in a way in which I understand.Please correct me or suggest some docs which I should refer to have a firm grip on the BASICS .I believe that the EAP auth process begins with an EAP start (In some docs it say it is from the client side but in some it says it would be from the server side ,I don't know which ? ).There would be a Session ID that is passed along with the eap start .The port would be unauthorised on EAp start and would pass only dot1x frames.(ports can be aunauthorised in wired ....what happens in wireless ?)Then there would be a EAP request and response identity(Is it username password or certificates that are passed as identity ? ).Then there would be an EAP challenge and response.(Why do we need this step,I believe that the identity has been already validated in previous one ).Based on whether all these processes go through client is allowed or denied access.

Also How is EAP integrated with WPA ?

Also I beleive that these processes happen only once which means once a client is authorised for access unless he sends a EAPOl logoff he is allowed access to network.What preventive measures does EAP have about a client impersonating an authenticated user and gaining access to network in wired as well as wireless ?

Please bear with me if I have posted irrelevant questions

?

Thanks in advance

Best Regards,

Mubeesh Ali.V.M

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
owillins Thu, 04/24/2008 - 12:03

WPA and WPA2 offer a high level of assurance for end users and network administrators that their data will remain private and that access to their networks will be restricted to authorized users. Both have personal and enterprise modes of operation that meet the distinct needs of the two market segments. The Enterprise Mode of each uses IEEE 802.1X and EAP for authentication.

mubeeshalivm Sat, 04/26/2008 - 05:13

Hi owillins ,Thanks for your response.It clears the WPA part but I am still not clear about the EAP ,802.1X key exchange process.

Thanks ,

Mubeesh

Actions

This Discussion