Figure b-4: 802.1x authentication sequence – NETGEAR WPN802 User Manual

Reference Manual for the NETGEAR RangeMax™ Wireless Access Point WPN802

Wireless Networking Basics

B-13

202-10101-01, May 2005

Figure B-4: 802.1x Authentication Sequence

The AP sends Beacon Frames with WPA/WPA2 information element to the stations in the service
set. Information elements include the required authentication method (802.1x or Pre-shared key)
and the preferred cipher suite (WEP, TKIP, or AES). Probe Responses (AP to station) and
Association Requests (station to AP) also contain WPA information elements.

1.

Initial 802.1x communications begin with an unauthenticated supplicant (client device)
attempting to connect with an authenticator (802.11 access point). The client sends an
EAP-start message. This begins a series of message exchanges to authenticate the client.

2.

The access point replies with an EAP-request identity message.

Client with a WPA/
WPA2-enabled wireless

adapter and supplicant
(Win XP, Funk,

Meetinghouse)

For example, a

WPA/WPA2-enabled
AP

For example, a

RADIUS server

Controlled Port