Some 802.11 limitations are listed in Figure
. One severe
limitation of a WEP-only WLAN is that users are not authenticated. WPA allows
user authentication through the IEEE 802.1x protocol. 802.1x is a recently
completed standard for controlling entry to both wired and wireless LANs.
802.1x provides mutual authentication. Mutual authentication means that the
network and the user prove their identity to each other.
The 802.11i standard also uses 802.1x and the TKIP enhancements to WEP. One
advantage of the 802.1x standard is that it can support a variety of
authentication types, as shown in Figure
. An
access point that supports 802.1x and its protocol, Extensible Authentication
Protocol (EAP), acts as the interface between a wireless client and an
authentication server such as a Remote Access Dial-In User Service (RADIUS)
server. The access point communicates with the RADIUS server over the wired
network.