1 / 6

Pre-Authentication with 802.1X

Pre-Authentication with 802.1X. Relationship Between State Variables and Services. Class 1 frames does include data frames. Class 1 frames (permitted from within States 1, 2 and 3): Data frames: Data frames with FC control bits "To DS” and “From DS" both false.

inge
Download Presentation

Pre-Authentication with 802.1X

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Pre-Authentication with 802.1X D. Halasz, Cisco, K. Amann, SpectraLink

  2. Relationship Between State Variables and Services D. Halasz, Cisco, K. Amann, SpectraLink

  3. Class 1 frames does include data frames • Class 1 frames (permitted from within States 1, 2 and 3): • Data frames: • Data frames with FC control bits "To DS” and “From DS" both false. D. Halasz, Cisco, K. Amann, SpectraLink

  4. IEEE 802.1X packets from the supplicant go to the authenticator • From IEEE 802.1X • “… This encapsulated form of EAP, known as EAP over LANs, or EAPOL, is used for all communication between the Supplicant PAE and the Authenticator PAE. The Authenticator PAE can then re-package the EAP protocol for onward transmission to the Authentication Server, if the server function is not co-located….” D. Halasz, Cisco, K. Amann, SpectraLink

  5. Infrastructure state information is not affected by the pre-authentication • Since the authenticator sends the data to the authentication server, switches will not get confused. D. Halasz, Cisco, K. Amann, SpectraLink

  6. Supplicants can 802.1X authenticate before 802.11 association • Supplicant can be associated and then perform multiple 802.1X authentications, to different APs. • Supplicant can then do a make before break. D. Halasz, Cisco, K. Amann, SpectraLink

More Related