Enterprise WLAN Authentication
Authenticating wireless users

Some 802.11 limitations are listed in Figure . One severe limitation of a WEP-only WLAN is that users are not authenticated. WPA allows user authentication through the IEEE 802.1x protocol. 802.1x is a recently completed standard for controlling entry to both wired and wireless LANs. 802.1x provides mutual authentication. Mutual authentication means that the network and the user prove their identity to each other.

The 802.11i standard also uses 802.1x and the TKIP enhancements to WEP. One advantage of the 802.1x standard is that it can support a variety of authentication types, as shown in Figure . An access point that supports 802.1x and its protocol, Extensible Authentication Protocol (EAP), acts as the interface between a wireless client and an authentication server such as a Remote Access Dial-In User Service (RADIUS) server. The access point communicates with the RADIUS server over the wired network.