The 802.1X protocol is based on Client/Server access control and authentication protocol. Due to environmental issues, it has always been the focus of discussion on security issues. Of course, 802.1X also has its own advantages. Many friends of research networks will be interested in 802.1X. How does 802.1X work under WinXP? If you don't know yet, then the following tutorial will answer you.
Recommended: Under the latest WinXP system
WinXP system 802.1X how it works
answer this question we must first know the implementation of 802.1X port-based access? control. In a WLAN, a port is the connection between an access point (AP) and a workstation. There are two types of ports in 802.1x: uncontrolled and controlled. What you are using now is a non-control port: it allows devices to connect to ports and communicate with any other network device. Instead, the control port limits the network address that the connected device can communicate with. You may already be able to understand what's going on next: 802.1X allows all clients to connect to the control port, but these ports only send traffic to the authentication server. After the client is authenticated, it is allowed to start using the non-control port. The mystery of 802.1x is that non-control and control ports are logical devices that coexist on the same physical network port.
For authentication, 802.1X further defines two roles for network devices: the supplicant and the authenticator. The applicant is a device that requests access to network resources (such as a laptop equipped with an 802.11b network card). A certifier is a device that authenticates an applicant and decides whether to grant access to the applicant. Wireless APs can act as authenticators; however, the industry-standard Remote Authentication Dial-In User Service (RADIUS) protocol is more flexible. This protocol is included in WinXP; through RADIUS, the AP receives the authentication request and forwards the request to the RADIUS server, which authenticates the user against Active Directory.
802.1X does not use Wired Equivalent Privacy (WEP) for authentication; instead, it uses the industry standard Extensible Authentication Protocol (EAP) or newer version. In either case, EAP/PEAP has its unique advantages: they allow for the choice of authentication methods. By default, 802.1X does not use Wired Equivalent Privacy (WEP) when authenticating; instead, it uses the industry standard Extensible Authentication Protocol (EAP) or newer version. . In either case, EAP/PEAP has its unique advantages: they allow for the choice of authentication methods. By default, 802.1X uses EAP-TLS (EAP-Transport Layer Security), where all EAP-protected traffic is encrypted by the TLS protocol (very similar to SSL).
The entire authentication process is this:
1. The wireless workstation attempts to connect to the AP through a non-control port. (Because the workstation is not authenticated at this time, it cannot use the control port). The AP sends a plain text challenge to the workstation.
2. In response, the workstation provides its own identification.
3.AP forwards identity information from the workstation to the RADIUS authenticator using a wired LAN.
4. The RADIUS server queries the specified account to determine what credentials are required (for example, you might configure your RADIUS server to accept only digital certificates). This information is converted into a credential request and returned to the workstation.
5. The workstation sends its credentials through a non-control port on the AP.
6. The RADIUS server authenticates the credentials; if it passes the authentication, it sends the authentication key to the AP. This key is encrypted so only the AP can decrypt it.
7.AP decrypts the key and uses it to create a new key for the workstation. This new key will be sent to the workstation, which is used to encrypt the workstation's primary global authentication key.
8. A regular AP will generate a new primary global authentication key and send it to the client. This solves the problem of long-lived fixed keys in 802.11, and attackers can easily attack fixed keys through brute force attacks.
The above is the working process of 802.1X under WinXP. After reading it, I believe that there is a preliminary understanding. The knowledge in this area is relatively deep. Interested friends can continue to dig down and recommend everyone. Take a look at "WinXP's Simple Way to Deploy 802.1X", I believe it will be of great help to you.
When you want to delete a desktop shortcut on your computer, or delete a desktop fi
Some WinXP users put the unused junk files in the computer into the recycle bin, but the system prom
During the use of WinXP system, I dont know if you have encountered a script error. When you open a
When we install the software, generally do not install the software in the C drive, because the C dr
WinXP plugged in the power to automatically boot the processing measures
Easy to learn Windows XP system optimization top ten tips
Solving Windows XP printers can't share puzzles
How to retrieve the xp system login password
WinXP thumbnail display exception solution
WinXP in the lower right corner prompts to delay write failure how to deal with
Master tricks Windows operating system thirteen installation tips
How to copy slides in batches? PowerPoint is easy to get
How to make WinXP and Linux coexist with each other
Windows 10 Build 10586.164 release: including desktop and mobile
Win7 system shutdown unresponsive solution strategy
Windows system advanced options menu becomes English
How to open the Win10 system configuration to optimize the system
Vista shipped models modified XP, the prompt does not recognize the hard drive solution
Windows7 system computer scan file method
What should I do if the win7 system configuration Bluetooth option is not available?
Win10 system VC application can not run and prompt 0xc0000142 solution