Authenticating Wireless Clients

Question 1

What is the purpose of open authentication

Answer 1

to validate device is a valid 802.11 device by authenticating its hardware.

Question 2

Does open authentication require credentials

Answer 2

No

Question 3

What are the 2 modes of authentication supported by WPA

Answer 3

WPA personal - pre shared key is used to authenticate clients/APs/WLC

WPA enterprise - EAP is used to authenticate clients/APs/WLC

Question 4

In WPA personal mode which of the following devices need to be configured with the PSK
1. Client
2. AP
3. WLC

Answer 4

All

Question 5

What is EAP

Answer 5

Extensible authentication Protocol defines a set of authentication methods that can be used to authenticate wireless devices.

In a wireless set up EAP will occur between the client and the authentication server.

Question 6

What does 802.1x do

Answer 6

Limits a wireless clients access to a network until the user has successfully authenticated.

Question 7

In 802.1x / EAP what is the definition of the following roles:
Supplicant
Authentication Server
Authenticator

Answer 7

Supplicant - device requiring authentication.

Authentication Server - The server that processes the authentication (RADIUS or TACACS)
Authenticator - device between supplicant and authentication server typically a AP.

Question 8

Following the authentication what is EAPOL

Answer 8

EAP over LAN is used to exchange the encryption keys in a 4-way handshake.

Question 9

After the EAPOL is complete and the PMK and GMK keys are exchanged what happens

Answer 9

The 802.1x is unblocked and the client can access the network.

Question 10

What is WEB AUTH

Answer 10

When the user is presented with content to read and interact with this could be a AUP, request credentials or display info

Question 11

What can be configured in the WLC under the config > security page

Answer 11

Radius server
Web AUTH