Thursday, October 29, 2009

EAP Packet Types, EAP Supplicants

[notes]

EAP request - sent by the authenticator to the supplicant
     The type field is used to indicate what is requested.
     The sequence number is used to allow the authenticator and
     peer to match the response to the request.
EAP response - sent by the supplicant to the authenticator
     The sequence number is used to match the EAP request,
     except if the response is a negative acknowledgement (NAK).
EAP success - sent from authenticator to supplicant
     Sent when successful authentication has occurred.
EAP failure - sent from authenticator to supplicant
     Sent when unsuccessful authentication has occurred.
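
The four packet types above share one header layout in RFC 3748 (Code, Identifier, Length, then a Type byte for requests and responses); the "sequence number" in these notes is the Identifier field. The parser below is an added example, not part of the original notes, and the sample packets are constructed, not captured traffic.

```python
import struct

CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
# Method type numbers from RFC 3748 and the IANA EAP registry
TYPES = {1: "Identity", 2: "Notification", 3: "Nak", 4: "MD5-Challenge",
         6: "GTC", 13: "EAP-TLS", 25: "PEAP", 43: "EAP-FAST"}

def parse_eap(data: bytes) -> dict:
    """Parse one EAP packet; raise ValueError on malformed input."""
    if len(data) < 4:
        raise ValueError("shorter than the 4-byte EAP header")
    code, ident, length = struct.unpack("!BBH", data[:4])
    if code not in CODES:
        raise ValueError(f"unknown EAP code {code}")
    if length < 4 or length > len(data):
        raise ValueError("Length field does not fit the captured data")
    pkt = {"code": CODES[code], "id": ident, "length": length,
           "type": None, "data": b""}
    if code in (1, 2):
        if length < 5:
            raise ValueError("Request/Response without a Type byte")
        pkt["type"] = TYPES.get(data[4], f"type-{data[4]}")
        pkt["data"] = data[5:length]  # bytes past Length are padding
    elif length != 4:
        raise ValueError("Success/Failure must be exactly 4 bytes")
    return pkt

def matches(request: dict, response: dict) -> bool:
    """A response answers a request when the identifiers are equal."""
    return (request["code"] == "Request" and response["code"] == "Response"
            and request["id"] == response["id"])

# Constructed sample exchange (not captured traffic)
SAMPLE = [
    bytes([1, 7, 0, 5, 1]),                 # Request/Identity, id 7
    bytes([2, 7, 0, 10, 1]) + b"alice",     # Response/Identity "alice"
    bytes([1, 8, 0, 6, 13, 0x20]),          # Request/EAP-TLS (Start flag)
    bytes([2, 8, 0, 6, 3, 25]),             # Response/Nak, asks for PEAP
    bytes([4, 8, 0, 4]),                    # Failure
]

if __name__ == "__main__":
    for raw in SAMPLE:
        p = parse_eap(raw)
        print(p["code"], p["id"], p["type"], p["data"])
```

Rejecting a Length field that is smaller than the header or larger than the received buffer is the check that matters most when this parsing runs on untrusted frames.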


EAP Supplicants
  • PEAP MSCHAPv2 - uses a TLS tunnel to protect an encapsulated MSCHAPv2 exchange between WLAN clients and the authentication server.
  • PEAP GTC - uses a TLS tunnel to protect a generic token card exchange (one-time password or LDAP authentication).
  • EAP FAST - uses a tunnel similar to PEAP, but does not require the use of a PKI.
  • EAP TLS - uses PKI to authenticate the WLAN network to the WLAN client, requiring a client certificate and an authentication server certificate.
