Figure 7 802.1x Authentication Process (WPA2 ) Source: Embedded.com o Supplicant request access with AP. o Authenticator detects supplicant association and enables the supplicant’s port. o Port is forced into an unauthorized state to forward only x traffic (all other traffic is blocked. o The authenticator passes request to the authentication server. o The authentication server and client exchange authentication messages for server to verify supplicant’s identity. Mutual authentication is also possible, where supplicant is verifies the authentication server’s identity. o The authentication server instructs the authenticator via a RADIUS-ACCEPT message to let the supplicant onto the network if it has satisfied the authentication criteria. If not, an RADIUS-REJECT message is sent to the authenticator. o Upon receipt of the RADIUS-ACCEPT message, the authenticator transitions the supplicant port to an authorized state allowing the supplicant onto the network The initial 802.11 standard has undergone several revisions since it was ratified, through different task groups of the IEEE 802.11 Working Group (WG), to improve the technology and address security issues. In table 5 shown in the next page, I summarized the existing IEEE 802.11 family of standards.
