Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

EAP Authentication Process

Hi all ,

This is my first post.

I am a newbie in this feild with a vague idea about EAP.I wanted to understand the EAP authentication process.Let me explain EAp in a way in which I understand.Please correct me or suggest some docs which I should refer to have a firm grip on the BASICS .I believe that the EAP auth process begins with an EAP start (In some docs it say it is from the client side but in some it says it would be from the server side ,I don't know which ? ).There would be a Session ID that is passed along with the eap start .The port would be unauthorised on EAp start and would pass only dot1x frames.(ports can be aunauthorised in wired ....what happens in wireless ?)Then there would be a EAP request and response identity(Is it username password or certificates that are passed as identity ? ).Then there would be an EAP challenge and response.(Why do we need this step,I believe that the identity has been already validated in previous one ).Based on whether all these processes go through client is allowed or denied access.

Also How is EAP integrated with WPA ?

Also I beleive that these processes happen only once which means once a client is authorised for access unless he sends a EAPOl logoff he is allowed access to network.What preventive measures does EAP have about a client impersonating an authenticated user and gaining access to network in wired as well as wireless ?

Please bear with me if I have posted irrelevant questions


Thanks in advance

Best Regards,

Mubeesh Ali.V.M


Re: EAP Authentication Process

WPA and WPA2 offer a high level of assurance for end users and network administrators that their data will remain private and that access to their networks will be restricted to authorized users. Both have personal and enterprise modes of operation that meet the distinct needs of the two market segments. The Enterprise Mode of each uses IEEE 802.1X and EAP for authentication.

New Member

Re: EAP Authentication Process

Hi owillins ,Thanks for your response.It clears the WPA part but I am still not clear about the EAP ,802.1X key exchange process.

Thanks ,