blob: c8e1afd818a31d45d9d4df56fbad12836511d50d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
|
The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each to gateway <b>moon</b>
using EAP-TTLS authentication only with the gateway presenting a server certificate and
the clients doing EAP-MD5 password-based authentication.
In a next step the EAP-TNC protocol is used within the EAP-TTLS tunnel to determine the
health of <b>carol</b> and <b>dave</b> via the <b>TNCCS 2.0 </b> client-server interface
compliant with <b>RFC 5793 PB-TNC</b>. The IMC and IMV communicate are using the <b>IF-M</b>
protocol defined by <b>RFC 5792 PA-TNC</b>.
<p>
The first time around both <b>carol</b> and <b>dave</b> fail the health test but they
request a handshake retry. After remediation <b>carol</b> succeeds but <b>dave</b>
still fails. Thus based on this second round of measurements the clients are connected
by gateway <b>moon</b> to the "rw-allow" and "rw-isolate" subnets, respectively.
</p>
|
