Specifications
OmniAccess Reference: AOS-W System Reference
240 Part 031652-00 May 2005
The IAS server has also been configured to transmit an RADIUS
attribute called “Class” to the Alcatel switch. The value of this
attribute is set to “computer” to identify the authenticated
device as a computer. The Alcatel switch is configured to
recognize this RADIUS attribute, and maps the wireless client
to a “computer” role.
zvi. Using information from the 802.1x authentication exchange, the wire-
less client and Alcatel switch derive dynamic keys for use in the
encryption process. After key derivation, both the client and the Alcatel
switch begin using the WEP encryption protocol to encrypt data on the
wireless network.
c The laptop transmits a DHCP request. The Alcatel switch intercepts this
DHCP request and forwards it to an external DHCP server running on a
Windows server. The server assigns an IP address to the wireless laptop
and issues a DHCP response. The Alcatel switch learns the IP address
assigned to the client and stores this information in an internal table.
d The wireless laptop now has IP connectivity to the network, and can
contact the domain controller for authentication requests and group policy
updates. At this point, the laptop is still displaying a Windows domain login
screen.
3 A user enters a username and password in the Windows domain login
screen on the wireless laptop. A standard Windows authentication
procedure follows between the client and the domain controller.
4. If the Windows logon is successful, the laptop will perform another 802.1x
re-authentication to the wireless network using the user’s authentication
credentials. This behavior is the default for Windows, and is configurable
through a registry setting or through group policy.