Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

difference between WPA2,EAP,LEAP and 802.1x

can someone please explain to me the difference between WPA2,EAP,LEAP and 802.1x.

i read that we use WPA2 as replacement of WEP .and that WPA2 uses EAP to authenticate user with a radius server . so where does 802.1x stand in this scenario? and whats LEAP

thank you

1 REPLY
Silver

Re: difference between WPA2,EAP,LEAP and 802.1x

WPA and WPA2 are all actually interim protocols that are used until the standardization of IEEE 802.11i standard. Wi-fi appliance decided that ratification and standardization of 802.11i standards will take more time. So, they came up with WPA.

Now, WPA2 is advanced version of WPA. WPA2 uses AES as encryption algorithm. Whereas, WPA use TKIP as encryption mode which in turn uses RC4 encryption algorithm.

WPA and WPA2 are actually are of 2 types respectively.

WPA/WPA2-PSK - This is mainly for small offices. This uses Pre-Shared Key for authentication.

WPA/WPA2 -Enterprise - This uses a RADIUS Server for authentication. This is an extension to 802.1x authentication. But this uses stronger encryption scheme(WPA uses RC4 and WPA2 uses AES).

Any authentication mechanism that involves a separation authentication server for authentication like ACS server is called 802.1x authentication.

EAP stands for Extensible Authentication Protocol. It refers to the type or method of 802.1x Authentication by the RADIUS/Tacacs server. A RADIUS server can authenticate a wireless client with various EAP methods.

LEAP is one type of EAP. It uses username and password for authenticating wireless clients. LEAP is cisco proprietory.

There are also EAP types which uses other user credentials like Certificates, SIM etc for authentcation.

The following document might clarify your doubts.

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_q_and_a_item09186a00805e8297.shtml

15520
Views
9
Helpful
1
Replies