Combining mac-based, eap, and open authentication – Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual

Rockwell Automation Publication 1783-UM006A-EN-P - May 2014

355

Configuring Authentication Types

Chapter 12

This figure shows the authentication sequence for MAC-based authentication.

Figure 94 - Sequence for MAC-Based Authentication

Combining MAC-Based, EAP, and Open Authentication

You can set up the access point to authenticate client devices by using a
combination of MAC-based and EAP authentication. When you enable this
feature, client devices that associate to the access point by using 802.11 open
authentication first attempt MAC authentication; if MAC authentication
succeeds, the client device joins the network. If MAC authentication fails, EAP
authentication takes place.

See the

Assigning Authentication Types to an SSID on page 359

for instructions

on setting up this combination of authentications.

TIP

If MAC-authenticated clients on your wireless LAN roam frequently, you can
enable a MAC authentication cache on your access points. MAC authentication
caching reduces overhead because the access point authenticates devices in its
MAC-address cache without sending the request to your authentication server.
See

Configuring MAC Authentication Caching on page 366

for instructions on

enabling this feature.

Access point

or bridge

Wired LAN

Client

device

Server

1. Authentication request

2. Authentication success

3. Association request

4. Association response
(block traffic from client)

5. Authentication request

6. Success

7. Access point or bridge unblocks
traffic from client

65584