ZyXEL Communications G-2000 Plus User Manual
ZyAIR G-2000 Plus User’s Guide
415
Appendix I
RADIUS Server Authentication Sequence
The following figure depicts a typical wireless network with a remote RADIUS server for user
authentication using EAPOL (EAP Over LAN).
authentication using EAPOL (EAP Over LAN).
Figure 236 Sequences for EAP MD5–Challenge Authentication
Mutual Authentication with Internal RADIUS server.
Microsofts Challenge-Handshake Authentication Protocol (MS-CHAP V2) is used to
periodically verify the identity of the peer (station or other AP) using a three-way handshake.
periodically verify the identity of the peer (station or other AP) using a three-way handshake.
The following figure depicts a typical wireless network with a ZyAIR RADIUS server for user
authentication using PEAP (Protected EAP) and MS-CHAP V2.
authentication using PEAP (Protected EAP) and MS-CHAP V2.
The ZyAIR authenticates in two phases when it is acting as a RADIUS server: