3Com WX2200 3CRWX220095A Switch User Manual


 
GLOSSARY 681
EAP Extensible Authentication Protocol. A general point-to-point protocol
that supports multiple authentication mechanisms. Defined in
RFC 2284, EAP has been adopted by IEEE 802.1X in an encapsulated
form for carrying authentication messages in a standard message
exchange between a user (client) and an authenticator. The
encapsulated EAP, also known as EAP over LAN (EAPoL) and EAP over
Wireless (EAPoW), enables the authenticator’s server to authenticate the
client with an authentication protocol agreed upon by both parties. See
also EAP type.
EAPoL EAP over LAN. An encapsulated form of the Extensible Authentication
Protocol (EAP), defined in the IEEE 802.1X standard, that allows EAP
messages to be carried directly by a LAN media access control (MAC)
service between a wireless client (or supplicant) and an authenticator.
EAPoL is also known as EAP over Wireless (EAPoW). See also EAP.
EAP over LAN See EAPoL.
EAP over Wireless See EAPoL.
EAPoW See EAPoL.
EAP-TLS Extensible Authentication Protocol with Transport Layer Security. An EAP
subprotocol for 802.1X authentication. EAP-TLS supports mutual
authentication and uses digital certificates to fulfill the mutual
challenge. When a user (client) requests access, the authentication
server responds with a server certificate. The client replies with its own
certificate and also validates the server certificate. From the certificate
values, the EAP-TLS algorithm can derive session encryption keys. After
validating the client certification, the authentication server sends the
session encryption keys for a particular session to the client. Compare
PEAP.
EAP type A specific Extensible Authentication Protocol (EAP) authentication
mechanism. Both the wireless client (or supplicant) and the
authenticator must support the same EAP type for successful
authentication to occur. EAP types supported in a 3Com Mobility
System wireless LAN (WLAN) include EAP-MD5, EAP-TLS, PEAP-TLS,
PEAP-MS-CHAP, and Tunneled Transport Layer Security (TTLS). See also
MD5; MS-CHAP-V2; PEAP; TLS; TTLS.
EAP with Transport
Layer Security
See EAP-TLS.