Re: simple theoretical 802.1x question
From: Steve (no-address_at_hatespam.com)
Date: 06/20/04
- Next message: Steve: "Authorizing a EAP-TLS client"
- Previous message: Steve: "WPA EAP-TLS"
- In reply to: Maarten: "simple theoretical 802.1x question"
- Next in thread: Maarten: "Re: simple theoretical 802.1x question"
- Reply: Maarten: "Re: simple theoretical 802.1x question"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 20 Jun 2004 09:49:40 GMT
Between the AP and client EAP Over LAN (EAPOL) messages are sent with the
addresses used for these messages being the MAC address of the client and
AP. Only after the client is authenticated essentially at layer 2
(ethernet) does the AP 'open up' and allow DHCP, IP, etc.
see: http://www.javvin.com/protocol8021X.html
Steve
"Maarten" <maarten_ve@nospamhotmail.com> wrote in message
news:cWcBc.161022$%%.8110134@phobos.telenet-ops.be...
> When using a 802.1x compatible switch you can select a specific port to
use
> authentication or not. If a person authenticates correctly the specific
port
> is opened and only then all trafic is allowed to go through.
>
> But how is this done in WiFi Access points? How is it possible to allow
(and
> authenticate) several users on what seems to one port? When a port is
> openend, does it not allow all trafic, so other users can take advantage
of
> this?
>
> There is probably something wrong with my way of looking at it, but I
would
> like to be corrected ;)
>
> Thank you
>
>
- Next message: Steve: "Authorizing a EAP-TLS client"
- Previous message: Steve: "WPA EAP-TLS"
- In reply to: Maarten: "simple theoretical 802.1x question"
- Next in thread: Maarten: "Re: simple theoretical 802.1x question"
- Reply: Maarten: "Re: simple theoretical 802.1x question"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
