How it works

IEEE 802.1X client authentication relies on an authentication server to validate or reject the client device credentials. While a full understanding of exactly how IEEE 802.1X authentication works is not necessary to use it, it may help during configuration and testing to have a general sense of what is occurring. For more detailed explanations, do an internet search.

IEEE 802.1X provides a way to authenticate the clients that are physically connected to a network. This type of authentication prohibits an unauthorized device (for example, a laptop operated with malicious intent) from connecting to a network.

Three actors play roles in the authentication drama:

The supplicant is a device (computer, JACE, etc.) that connects to the network.
The authenticator is the network port or WiFi access point to which the device connects.
The authentication server is a host on the network (RADIUS server) that is capable of verifying the identity of the device.

Before a device is allowed to access any resource on the network, the supplicant’s credentials must be authenticated. The authenticator forwards the supplicant’s credentials to the authentication server. If the authentication server accepts the supplicant’s credentials, the authenticator gives the supplicant access to network resources. Otherwise, the supplicant does not gain access.

How it works

Related Links