User guide
Odyssey Access Client User Guide
2 How OAC Operates in a Network
How OAC Operates in a Network
When you attempt to connect to an 802.1X network, OAC requests authenticated
access through a wireless access point or through an 802.1X switch. The
authentication sequence is the same whether you use a wired or a wireless
connection. In either case, your access to protected resources requires
authentication by an AAA (authentication) server.
With 802.1X, you get authenticated to a network based on matching authentication
(EAP) protocols and on your user credentials, such as a password, certificate, or a
token card. For details about configuring EAP protocols, see “Selecting
Authentication Protocols” on page 45. For details about setting up credentials, see
“Specifying User Info” on page 39.
OAC can be deployed in two distinct network environments:
A traditional network that manages authentication with a standard AAA server,
such as Steel-Belted Radius.
A network that uses Juniper’s Unified Access Control (UAC) solution for
managing authentication and secure access for both the user and the computer
(“endpoint”).
OAC in a Traditional Network
When deployed in traditional networks that do not include UAC components, OAC
negotiates authentication to the network either through an 802.1X switch or
through an 802.1X wireless access point.
In a wireless network, the 802.1X authentication occurs after the client has
associated to an access point using an 802.11 association method.
Figure 1: OAC in a Traditional Network (without UAC)
OAC Authentication in a Traditional Network
The steps in a typical 802.1X authentication process are:
1. When a wireless client attempts to connect to an 802.1X network, it signals an
access point that it is making an authentication request. This step is commonly
known as association.