Hi all ,
This is my first post.
I am a newbie in this feild with a vague idea about EAP.I wanted to understand the EAP authentication process.Let me explain EAp in a way in which I understand.Please correct me or suggest some docs which I should refer to have a firm grip on the BASICS .I believe that the EAP auth process begins with an EAP start (In some docs it say it is from the client side but in some it says it would be from the server side ,I don't know which ? ).There would be a Session ID that is passed along with the eap start .The port would be unauthorised on EAp start and would pass only dot1x frames.(ports can be aunauthorised in wired ....what happens in wireless ?)Then there would be a EAP request and response identity(Is it username password or certificates that are passed as identity ? ).Then there would be an EAP challenge and response.(Why do we need this step,I believe that the identity has been already validated in previous one ).Based on whether all these processes go through client is allowed or denied access.
Also How is EAP integrated with WPA ?
Also I beleive that these processes happen only once which means once a client is authorised for access unless he sends a EAPOl logoff he is allowed access to network.What preventive measures does EAP have about a client impersonating an authenticated user and gaining access to network in wired as well as wireless ?
Please bear with me if I have posted irrelevant questions
Thanks in advance