Thanks for the detailed explanation this is what I've been looking for but have been unable to locate.
Derek On Thursday, March 21, 2002, at 03:57 PM, John Lindsay wrote: > I've just studied this with Cisco and I can steal a clear explanation > from the notes. > > To make it clear for everyone, the supplicant is the software on the > client (machine with the wireless card). > > The EAP process doesn't start until the client has associated with the > Access Point using Open authentication. If this process isn't crystal > clear you need to go away and gain understanding. > > Once the association is made the AP blocks all traffic that is not > 802.1x so although associated the connection only has value for EAP. > Any EAP traffic is passed to the radius server and any radius traffic > is passed back to the client. > > So, after the client has associated to the Access Point, the supplicant > starts the process for using EAP over LAN by asking the user for their > logon and password. > > Using 802.1x and EAP the supplicant sends the username and a one-way > hash of the password to the AP. > > The AP encapsulates the request and sends it to the RADIUS server. > > The radius server needs a plaintext password so that it can perform the > same one-way hash to determine that the password is correct. If it is, > the radius server issues an access challenge which goes back via to the > AP to the client. (my study guide says client but my brain says > 'supplicant') > > The client sends the EAP response to the challenge via the AP to the > RADIUS server. > > If the response is valid the RADIUS server sends a success message and > the session WEP key (EAP over wireless) to the client via the AP. The > same session WEP key is also sent to the AP in the success packet. > > The client and the AP then begin using session WEP keys. The WEP key > used for multicasts is then sent from the AP to the client. It is > encrypted using the session WEP key. > > > -- > John Lindsay - Engineering Services Manager > Internode Professional Access > ph +61 8 8223 2999 fx +61 8 8223 1777 > 31 York St Adelaide, PO BOX 284 Rundle Mall SA 5000 > > > - List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
