]>
Commit | Line | Data |
---|---|---|
535f5d8a AS |
1 | The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each to gateway <b>moon</b> |
2 | using EAP-TTLS authentication only with the gateway presenting a server certificate and | |
3 | the clients doing EAP-MD5 password-based authentication. | |
75598e50 AS |
4 | <p/> |
5 | In a next step the <b>RFC 7171 PT-EAP</b> transport protocol is used within the EAP-TTLS | |
6 | tunnel to determine the health of <b>carol</b> and <b>dave</b> via the <b>IF-TNCCS 2.0 </b> | |
7 | client-server interface compliant with <b>RFC 5793 PB-TNC</b>. The IMCs and IMVs exchange | |
8 | messages over the <b>IF-M</b> protocol defined by <b>RFC 5792 PA-TNC</b>. | |
535f5d8a AS |
9 | <p> |
10 | The first time the TNC clients <b>carol</b> and <b>dave</b> send their measurements, | |
11 | TNC server <b>moon</b> requests a handshake retry. In the retry <b>carol</b> succeeds | |
12 | and <b>dave</b> fails. Thus based on this second round of measurements the clients are connected | |
13 | by gateway <b>moon</b> to the "rw-allow" and "rw-isolate" subnets, respectively. | |
14 | </p> |