A method authenticates nodes in a communication network of an automation installation. Respective authentication information is transmitted to an authentication server, which takes the authentication information as a basis for admitting or rejecting the nodes in the communication network as subscribers. In order to be able to perform an authentication of a node even in a communication network configured with redundancy, the communication network contains multiple nodes, each of which has at least two communication ports. The communication network executes a spanning tree protocol and at least two of the nodes use their mutually facing communication ports to interchange authentication requests and send the respective received authentication information to an authentication server, connected to the communication network, that uses the respective received authentication information to perform a check on the authenticity of the node and admits or rejects the node in the communication network based on the check.