- Tech know how online

extensible authentication protocol (EAP)

The Extensible Authentication Protocol (EAP), described in RFC 2284, is an extension of the Point to Point Protocol( PPP) based on 802.1x. The EAP protocol provides a fundamental foundation for a comprehensive, centralized security concept in networks and WLANs.

The EAP protocol provides secure connections in Virtual Private Networks( VPN), can be used in conjunction with Point to Point Tunneling Protocol( PPTP) or Layer 2 Tunneling Protocol( L2TP), provides multiple authentication options and defines the communication between the requester and the authenticator, and provides centralized authentication to the individual user for comprehensive data protection. Authentication methods supported include Radius, Kerberos, and Public Key System (PKS).

Functional sequence of the EAP protocol in WLANs

Functional sequence of the EAP protocol in WLANs

In WLANs, the EAP protocol can enhance WLAN security and monitor access to WLAN access points. Since the client and server verify each other's identity, no connections are established to unauthorized access points( AP). In addition, the EAP protocol can be used to install the key for Wired Equivalent Privacy(WEP).

EAP data packets should only be transported on a Layer 2 link between two end systems, such as between a personal computer( PC) and its switch port, and should not be forwarded through switches.

802.11i authentication

802.11i authentication

The EAP protocol also exists in several versions as EAP- TLS with logon via a certificate infrastructure, EAP- GTC with logon via a token infrastructure, EAP-TTLS with tunneling and in proprietary versions, as Protected EAP( PEAP) from Microsoft, or in the versions used by Cisco, the light version LEAP and as EAP-FAST, which stands for EAP Flexible Authentication via Secure Tunneling.

In addition, there are several variants for different transmission media. Namely via local area networks( LAN), EAP over LAN( EAPoL), and for WLANs as EAP over WLAN (EAPoW).

Englisch: extensible authentication protocol - EAP
Updated at: 12.05.2014
#Words: 283
Links: response for a class (RFC), extension (EXTN), point-to-point protocol (PPP), protocol, security
Translations: DE

All rights reserved DATACOM Buchverlag GmbH © 2023