ZyXEL Communications 2602HWNLI-D7A Modem User Manual


 
Prestige 2602HWNLI-D7A Support Notes
All contents copyright (c) 2007 ZyXEL Communications Corporation.
110
The device (i.e. RADIUS server) provides an authentication service to an authenticator. This service
determines, from the credentials provided by the supplicant, whether the supplicant is authorized to
access the services provided by the authenticator. The authentication server performs the actual
authentication of the client. It validates the identity of the supplicant. Because the authenticator acts as the
proxy, the authentication service is transparent to the supplicant.
Some Wireless AP (i.e. ZyXEL Wireless AP) have built-in authentication server, external RADIUS
authentication server is not needed. In this case, Wireless AP is acted as both authenticator and authentication
server.
Authentication Port State and Authentication Control
The port state determines whether or not the supplicant (Wireless Client) is granted access to the network
behind Wireless AP. There are two authentication port state on the AP, authorized state and unauthorized state.
By default, the port starts in the unauthorized state. While in this state, the port disallows all incoming and
outgoing data traffic except for 802.1x packets. When a supplicant is successfully authenticated, the port
transitions to the authorized state, allowing all traffic for the client to flow normally. If a client that does not
support 802.1x is connected to an unauthorized 802.1x port, the authenticator requests the client’s identity. In
this situation, the client does not respond to the 802.1x request, the port remains in the unauthorized state, and
the client is not granted access to the network.
When 802.1x is enabled, the authenticator controls the port authorization state by using the following control
parameters. The following three authentication control parameter are applied in Wireless AP.