Presentation is loading. Please wait.

Presentation is loading. Please wait.

Informing AAA about what lower layer protocol is carrying EAP

Published byChristian Murphy Modified over 6 years ago

Similar presentations

Presentation on theme: "Informing AAA about what lower layer protocol is carrying EAP"— Presentation transcript:

1 Informing AAA about what lower layer protocol is carrying EAP
Nov 2004 at IETF-61

2 The Problem The AAA (EAP) server receives two authentication requests with no knowledge of which service originated it Home Network Access Network AAA server Client VPN gateway AAA protocol is Diameter or RADIUS VPN gateway uses IKEv2 in EAP mode

3 The Solution Lower layer: 802.1X Lower layer: IKEv2
The EAP lower layer attribute indicates the EAP server the service that originated the authentication Lower layer: 802.1X Home Network Access Network AAA server Client VPN gateway Lower layer: IKEv2 The EAP server can take proper decision according to the EAP lla (authorize, reject, etc.)

4 The Alternatives New values for NAS-Port-Type or Service-Type
A standalone attribute (draft-mariblanca) A combination of NAS-Port-Type and something else NAS-Port-Type = /PANA/Virtual If Virtual, then we describe the specific protocol using either (a) RFC 2868 Tunnel-Type and Tunnel-Medium-Type (b) A new attribute NAS-Virtual-Port-Type Values: IKEv2, … Does the mandatory tunneling and incoming virtual protocol usage conflict?

Download ppt "Informing AAA about what lower layer protocol is carrying EAP"

Similar presentations

Protocol carrying Authentication for Network Access (PANA) Subir Das/Basavaraj Patil Telcordia Technologies Inc./Nokia 12/14/2001.

Protocol carrying Authentication for Network Access (PANA) Subir Das/Basavaraj Patil Telcordia Technologies Inc./Nokia 12/14/2001.
Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206) 217-7048

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.

H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.
TCG Confidential Copyright© 2005 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 TNC EAP IETF EAP.

TCG Confidential Copyright© 2005 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 TNC EAP IETF EAP.
AAA-Mobile IPv6 Frameworks Alper Yegin IETF 62. 2 Objective Identify various frameworks where AAA is used for the Mobile IPv6 service Agree on one (or.

AAA-Mobile IPv6 Frameworks Alper Yegin IETF Objective Identify various frameworks where AAA is used for the Mobile IPv6 service Agree on one (or.
ERP for IKEv2 draft-nir-ipsecme-erx-01. Why ERP for IKEv2? RFC 5296 and the bis document define a quick re- authentication protocol for EAP. ERP requires.

ERP for IKEv2 draft-nir-ipsecme-erx-01. Why ERP for IKEv2? RFC 5296 and the bis document define a quick re- authentication protocol for EAP. ERP requires.
Session Policy Framework using EAP draft-mccann-session-policy-framework-using-eap-00.doc IETF 76 – Hiroshima Stephen McCann, Mike Montemurro.

Session Policy Framework using EAP draft-mccann-session-policy-framework-using-eap-00.doc IETF 76 – Hiroshima Stephen McCann, Mike Montemurro.
© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.

© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.
Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 23 Virtual Private Networks (VPNs)

Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 23 Virtual Private Networks (VPNs)
Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.

Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.
1 EAP Usage Issues Feb 05 Jari Arkko. 2 Typical EAP Usage PPP authentication Wireless LAN authentication –802.1x and 802.11i IKEv2 EAP authentication.

1 EAP Usage Issues Feb 05 Jari Arkko. 2 Typical EAP Usage PPP authentication Wireless LAN authentication –802.1x and i IKEv2 EAP authentication.
November 10, 2003EAP WG, IETF 581 EAP State Machines (draft-ietf-eap-statemachine-01) John Vollbrecht, Pasi Eronen, Nick Petroni, Yoshihiro Ohba.

November 10, 2003EAP WG, IETF 581 EAP State Machines (draft-ietf-eap-statemachine-01) John Vollbrecht, Pasi Eronen, Nick Petroni, Yoshihiro Ohba.
1 DHCP Authentication Discussion INTAREA meeting, 70th IETF Vancouver, Canada Jari Arkko and Ralph Droms.

1 DHCP Authentication Discussion INTAREA meeting, 70th IETF Vancouver, Canada Jari Arkko and Ralph Droms.
EAP Key Framework Draft-ietf-eap-keying-01.txt IETF 58 Minneapolis, MN Bernard Aboba Microsoft.

EAP Key Framework Draft-ietf-eap-keying-01.txt IETF 58 Minneapolis, MN Bernard Aboba Microsoft.
July 16, 20031 Diameter EAP Application (draft-ietf-aaa-eap-02.txt) on behalf of...

July 16, Diameter EAP Application (draft-ietf-aaa-eap-02.txt) on behalf of...
EAP Authentication for SIP & HTTP V. Torvinen (Ericsson), J. Arkko (Ericsson), A. Niemi (Nokia),

EAP Authentication for SIP & HTTP V. Torvinen (Ericsson), J. Arkko (Ericsson), A. Niemi (Nokia),
EAP Extensions for EAP Re- authentication Protocol (ERP) draft-wu-hokey-rfc5296bis-01 Yang Shi Qin Wu Zhen Cao

EAP Extensions for EAP Re- authentication Protocol (ERP) draft-wu-hokey-rfc5296bis-01 Yang Shi Qin Wu Zhen Cao
EAP Extensions for EAP Early Authentication Protocol (EEP) Hao Wang, Yang Shi, Tina Tsou.

EAP Extensions for EAP Early Authentication Protocol (EEP) Hao Wang, Yang Shi, Tina Tsou.
Virtual Private Network. VPN In the most basic definition, VPN is a connection which allows 2 computers or networks to communicate with each other across.

Virtual Private Network. VPN In the most basic definition, VPN is a connection which allows 2 computers or networks to communicate with each other across.
1 Background and Introduction. 2 Outline History Scope Administrative.

1 Background and Introduction. 2 Outline History Scope Administrative.

Similar presentations

Ads by Google