IEEE 802.1x standard

What is 802.1x?

The 802.1X standard is designed to enhance the security of wireless local area networks (WLANs). 802.1X provides an authentication framework for wireless LANs, allowing a user to be authenticated by a central authority (RADIUS).

How does 802.1x work?

802.1x is a network authentication protocol that opens ports for network access when an organization authenticates a user’s (known as the supplicant) identity and authorizes them for access to the network. The access point forces the user (actually, the user's client software) into an unauthorized state that allows the client to send only an EAP start message.

The access point returns an EAP message requesting the user's identity. The client returns the identity (credentials or certificate), which is then forwarded by the access point to the RADIUS authentication server. The RADIUS server is able to authentication this by communicating with the organization’s directory.

Authenticatio server returns an accept or reject message back to the access point. Assuming an accept was received, the access point changes the client's state to authorized and normal traffic can now take place.