ZyXEL Communications 10 User Manual

ZyWALL 10~100 Series Internet Security Gateway

Wireless LAN Security Setup

7-5

7.3.3

Sequence for EAP Authentication

The following figure shows the authentication steps when you enable EAP and specify a RADIUS server on
your access point.

Figure 7-3 Sequence for EAP Authentication

The steps below describe how the IEEE 802.1x EAP authentication works.
Step 1.

The wireless client sents a “request” message to the ZyWALL.

Step 2.

The ZyWALL sends a “request” message to the wireless client for identity information.

Step 3.

The wireless client replies with the password and username information.

Step 4.

The ZyWALL receives the message and repackets this information into an Access-Request
package which is then sent to the remote RADIUS server (or the Authentication server).

Step 1.

The RADIUS server checks the user information against its user profile database and sends an
“accept” or a “deny” packet to the ZyWALL.

Step 2.

When the ZyWALL receives the “accept” packet, the client port is placed into an authorized state
and traffic is allowed to proceed. Otherwise, no traffic is allowed.

7.3.4

Enable EAP Authentication on Your ZyWALL

Click Advanced, Wireless and the 802.1X tab to the display the Wireless LAN 802.1X Authentication
screen.