METHOD, APPARATUS, AND SYSTEM FOR CENTRALIZED 802.1X AUTHENTICATION IN WIRELESS LOCAL AREA
First Claim
1. A method for centralized 802.1X authentication in a wireless local area network, wherein the wireless local area network comprises an authentication entity, an access point, and at least one user equipment (UE), the authentication entity is connected to the at least one UE through the access point, and the method comprises:
- receiving, by the access point, an extensive authentication protocol (EAP) authentication start message from the UE, wherein a destination address of the EAP authentication start message is a media access control (MAC) address corresponding to an air interface of the access point, and a source address of the EAP authentication start message is a MAC address of the UE;
modifying, by the access point, the destination address of the EAP authentication start message to be one of the group consisting of (a) a multicast address of a port access entity and (b) a MAC address of the authentication entity; and
forwarding, by the access point, the EAP authentication start message whose destination address is modified, so that the authentication entity starts access authentication for the UE according to the EAP authentication start message whose destination address is modified.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention discloses a method, an apparatus, and a system for centralized 802.1X authentication in a wireless local area network, and the method includes: receiving, by the access point, an EAP authentication start message from the UE, where a destination address of the EAP authentication start message is a MAC address corresponding to an air interface of the access point, and its source address is a MAC address of the UE; modifying the destination address of the EAP authentication start message to be a multicast address of a port access entity or a MAC address of the authentication entity; and forwarding the EAP authentication start message whose destination address is modified.
-
Citations
10 Claims
-
1. A method for centralized 802.1X authentication in a wireless local area network, wherein the wireless local area network comprises an authentication entity, an access point, and at least one user equipment (UE), the authentication entity is connected to the at least one UE through the access point, and the method comprises:
-
receiving, by the access point, an extensive authentication protocol (EAP) authentication start message from the UE, wherein a destination address of the EAP authentication start message is a media access control (MAC) address corresponding to an air interface of the access point, and a source address of the EAP authentication start message is a MAC address of the UE; modifying, by the access point, the destination address of the EAP authentication start message to be one of the group consisting of (a) a multicast address of a port access entity and (b) a MAC address of the authentication entity; and forwarding, by the access point, the EAP authentication start message whose destination address is modified, so that the authentication entity starts access authentication for the UE according to the EAP authentication start message whose destination address is modified. - View Dependent Claims (2, 3, 4)
-
-
5. A method for centralized 802.1X authentication in a wireless local area network, comprising:
-
generating, by an access point, an extensive authentication protocol (EAP) authentication start message, wherein a destination address of the EAP authentication start message is one of the group consisting of (a) a multicast address of a port access entity and (b) a media access control (MAC) address of an authentication entity, and a source address of the EAP authentication start message is a MAC address of a user equipment (UE); sending, by the access point, the EAP authentication start message; receiving, by the access point, an EAP authentication message sent by the authentication entity, wherein a source address of the EAP authentication message is the MAC address of the authentication entity, and a destination address of the EAP authentication message is the MAC address of the UE; and modifying, by the access point, the source address of the EAP authentication message to be a MAC address corresponding to an air interface of the access point, and forwarding the EAP authentication message with the modified source address to the UE.
-
-
6. An access point device, comprising:
-
a first receiving module, configured to receive an extensive authentication protocol (EAP) authentication start message sent by a user equipment (UE), wherein a destination address of the EAP authentication start message is a media access control (MAC) address corresponding to an air interface of an access point, and a source address of the EAP authentication start message is a MAC address of the UE; a first address-modifying module, configured to modify the destination address of the EAP authentication start message received by the first receiving module to be one of the group consisting of (a) a multicast address of a port access entity and (b) a MAC address of an authentication entity; and a first forwarding module, configured to forward the EAP authentication start message whose destination address is modified by the first address-modifying module, so that the authentication entity starts access authentication for the UE according to the EAP authentication start message whose destination address is modified. - View Dependent Claims (7, 8, 9)
-
-
10. A system for centralized 802.1X authentication in a wireless local area network, wherein the wireless local area network comprises an authentication entity, an access point, and at least one user equipment (UE), the authentication entity is connected to the at least one UE through the access point, and
the access point is configured to: - receive an extensive authentication protocol (EAP) authentication start message sent by the UE, wherein a destination address of the EAP authentication start message is a media access control (MAC) address corresponding to an air interface of the access point, and a source address of the EAP authentication start message is a MAC address of the UE;
modify the destination address of the EAP authentication start message to be one of the group consisting of (a) a multicast address of a port access entity and (b) a MAC address of the authentication entity; and
forward the EAP authentication start message whose destination address is modified, so that the authentication entity starts access authentication for the UE according to the EAP authentication start message whose destination address is modified.
- receive an extensive authentication protocol (EAP) authentication start message sent by the UE, wherein a destination address of the EAP authentication start message is a media access control (MAC) address corresponding to an air interface of the access point, and a source address of the EAP authentication start message is a MAC address of the UE;
Specification