Administrator Guide
192 | 802.1X EAP-PEAP Reference Dell Networking W-ClearPass Deployment Guide
Table 39: Detailed Sequence of the EAP-PEAP-Active Directory Handshake Exchange
Extensible Authentication Protocol over LAN (EAPOL) Start
1 The authenticator sends an EAP-Request for the identity of the connecting supplicant (client device).
2
The supplicant responds to the authenticator with an EAP Identity Response that contains the identity
(username) used for authentication. This is referred to as the "Outer Identity."
3
The authenticator forwards the EAP Identity Response with the identity of the user to the authentication
server (W-ClearPass Policy Manager).
Active Directory
4
The authentication server performs an LDAP lookup against its configured Active Directory authentication
sources to try to find the user's name in the directory, along with some basic LDAP attributes, such as
sAMAccountName.
5
The LDAP server responds to the authentication server's LDAP search request with the appropriate
answers to the LDAP lookup.