Chapter 8 Access Service
Confidential and Proprietary Information of ZTE CORPORATION 161
Process of using the PAP mode for identity authentication is
shown in
Figure 30.
FIGURE 30 USING PAP MODE FOR IDENTITY AUTHENTICATION
EAPOL RADIUS
EAPOL-Start
EAP-Request/Identity
EAP-Response/Identity
EAP-Request/PAP
EAP-Response/PAP Access-Request/PAP
Access-AcceptEAP-Success
User terminal system
Switch
Connection setup
Successful access
RADIUS server
CHAP is an encrypted authentication mode and avoids
transmission of user’s real password upon the setup of
connection. NAS sends a randomly generated Challenge string
to user. User encrypts Challenge string by using own password
and MD5 algorithm and returns username and encrypted
Challenge string (encrypted password).
Server uses user password it stores and MD5 algorithm to
encrypt Challenge string. It compares this Challenge string
with encrypted password of the server and returns a response
accordingly.
Process of using the CHAP mode for identity authentication is
shown in
CHAP
To Next Page
Loading...
