1.Client’s unauthorized packet 2.Redirected if packet is HTTP 3.Identification using User Account (Web) 4.Looking for valid User Account (LDAP) 5.Authentication.