Hi,
At 03:24 28/09/2004, Timolthy Keithy wrote:
The RADIUS working along with 802.1x to secure the WLAN network; However, what are different between RADIUS and 802.1x.
RADIUS is a protocol used between a NAS (Network Access Server, in the case of Wi-Fi this would be the AP) and the AAA server (the server that has the database of valid users with their credentials, etc.). The goal of RADIUS is to have a central database which can be queried by a number of APs, simplifying management.
802.1X is a protocol used between a Wi-Fi client and the AP in this case (it can also be used over Ethernet). It is really mostly an encapsulation of EAP over 802-type networks (EAP was originally a PPP authentication method).
EAP is a protocol which is used end-to-end between the Wi-Fi client and the AAA server (carried within 802.1X between the client and AP, and within RADIUS between the AP and the AAA server). EAP itself can carry a variety of authentication protocols (EAP methods), such as EAP-TLS, EAP-TTLS, PEAP, EAP-MD5, EAP-SRP, EAP-SIM, EAP-AKA, etc. Some are suitable for wireless, some aren't (like EAP-MD5). The method used should be secure and be able to provide per-session keys to both ends.
To use the whole thing, you need: - to pick an EAP method - Wi-Fi clients that are 802.1X capable and can handle the chosen EAP method - an AP that is 802.1X and RADIUS capable - a RADIUS server that can handle the chosen EAP method
Depending on the EAP method, additional stuff might be required, like a full-blown PKI.
Hope that helps,
Jacques.
_______________________________________________ BAWUG's general wireless chat mailing list [unsubscribe] http://lists.bawug.org/mailman/listinfo/wireless
