devices attached to a LAN port and prevent access to that port if the authentication
process fails.
What is RADIUS?
RADIUS is the Remote Authentication Dial-In User Service, an Authorization,
Authentication, and Accounting (AAA) client-server protocol, that is used when a
AAA dial-up client logs in or out of a Network Access Server. Typically, a RADIUS
server is used by Internet Service Providers (ISP) to perform AAA tasks. AAA phases
are described as follows:
● Authentication phase: Verifies a user name and password against a local
database. After credentials are verified, the authorization process begins.
● Authorization phase: Determines whether a request is allowed access to a
resource. An IP address is assigned for the dial-up client.
● Accounting phase: Collects information on resource usage for the purpose
of trend analysis, auditing, session time billing, or cost allocation.
How 802.1x Authentication Works
A simplified description of 802.1x authentication is:
● A client sends a "request to access" message to an access point. The access
point requests the identity of the client.
● The client replies with its identity packet which is passed along to the
authentication server.
● The authentication server sends an "accept" packet to the access point.
● The access point places the client port in the authorized state and data traffic
is allowed to proceed.
802.1x Features
● 802.1x supplicant protocol support
● Support for the Extensible Authentication Protocol (EAP) - RFC 2284
● Supported Authentication Methods:
❍ EAP TLS Authentication Protocol - RFC 2716 and RFC 2246
❍ EAP Tunneled TLS (TTLS)
❍ PEAP
● Supports Microsoft Windows XP and Microsoft Windows 2000
To Next Page
Loading...