PPP Extended Authentication Protocol (EAP) is a general protocol for PPP authentication that can support multiple authentication methods. EAP does not specify an authentication method in the link control phase, but the process is delayed to the certification phase. This way, you can decide what certification method for use after getting more information. This mechanism also allows the PPP authentication to simply transmit the received authentication packets to the rear authentication server, which truly realizes various authentication methods by the rear authentication server.
After the link phase is completed, the authentication direction sends one or more request messages to the peer. There is a type word in the request message to indicate the type of information requested by the authentication party, for example, the opposite ID, MD5 challenge word, one password (OTP), and general purpose token card. The challenge of MD5 corresponds to the challenge of the CHAP certification protocol. In a typical case, the authentication party first sends an ID request message to then send other request packets. Of course, it is not necessary to send this ID request message first, and the peer identity is known (such as rental line, dial-up line, etc.) can skip this step. The opposite end responds to a response message for each request message. Like the request packet, a type field is also included in the answer packet, corresponding to the type field in the request message responded. The certificate ends the authentication process by sending a successful or failed message.
For more information, please visit the following page: 中文 版: http://www.networkDictionary.com/chinese/protocols/eap.php English version: http://www.networkDictionary.com/Protocols/eap.php
