Chapter 2. Secure Client Devices
Wireless networks give mobile clients flexibility and freedom, helping us be more productive. At the same time, they also have to provide us with the security we need.
Configuring EAP Authentication
802.11 association creates a virtual port for each client on the AP radio interface they connect through. 802.1X frames carry Extensible Authentication Protocol (EAP) packets to a authentication, authorization, and accounting (AAA) server using the RADIUS protocol.
802.1X opens a port to non-EAP traffic only after a RADIUS server sends an EAP over LAN (EAPOL) success message, indicating the client successfully authenticated to the RADIUS server. Until this happens, the port is closed to all other traffic. ...