Cisco Certified Internetwork Expert (CCIE) 2025 – 400 Free Practice Questions to Pass the Exam

The presence of LEAP Session-Key as a VSA (Vendor-Specific Attribute) in a RADIUS WLAN Access-accept packet is associated with the specific requirements of the LEAP (Lightweight EAP) authentication method. When a wireless client successfully authenticates using LEAP, the RADIUS server sends an Access-accept packet that includes the LEAP Session-Key to establish a secure session between the client and access point. This key is essential for ensuring the confidentiality and integrity of data transmissions during the session, reinforcing the importance of this attribute in the context of RADIUS responses.

In contrast, while EAP-Message, Tunnel-Type, and SSID may play roles in various authentication and session establishment processes, they are not defined specifically as attributes that would normally be present in an Access-accept packet for WLAN scenarios related to LEAP. For instance, the EAP-Message is more commonly found in EAP-related exchanges rather than in the final Access-accept packet, while Tunnel-Type is associated with tunneling protocols and not exclusive to the WLAN context. The SSID is relevant for the identification of the wireless network but is typically included in other contexts, such as in Access Challenge messages, rather than in the Access-accept packet itself.