Tyco 0-1591700-x 802.1X, Re-authentication Time, Primary Radius Server Authentication Server IP

Page 25

Wireless Access Point Model 0-1591700-x

User Manual

Page 25 of 33

 

 

 

 

 

 

 

 

Figure 20 - WEP Key Entry Sub-Screen

Note that the identical key must be used at all the clients and at the access point, otherwise authentication will not be possible. Keys should be changed frequently for maximum security.

802.1X

The access point can be configured to enable clients to authenticate against external RADIUS servers using the IEEE802.1x standard. This method is best suited to corporate users where high security is required. The 802.1x standard uses the common existing protocol, the Extensible Authentication Protocol (EAP) for message exchange during the authentication process. The implementation of 802.1x protocol is quite complex and needs detailed awareness of IP and security log-on processes. This is the only setting on the access point that should only be attempted by knowledgeable IT personnel.

In a wireless LAN with 802.1x enabled, a client requests access to an access point (known as the authenticator). The access point forces the client into an unauthorized state that allows the client to send only an EAP-start message. The AP replies with an EAP-request identify message to obtain the clients identity. The clients EAP-response packet containing the clients identity is forwarded to the RADIUS authentication server. The authentication server is configured to authenticate clients with a specific authentication algorithm and the server returns an accept or reject packet to the access point. Once authenticated, the access point opens the client’s port and traffic will be forwarded.

The access point hides the complexity of the IEEE802.1x registration process as it transparently handles the main authentication types including EAP-TLS, EAP-MD5 and EAP-TTLS. Note that all clients in the network must use the same type of authentication.

Figure 21 - 802.1x Authentication Sub-Screen

Re-authentication Time

This value is the duration that runs before the client needs to be authenticated against the RADIUS server.

Primary Radius Server – Authentication Server IP

This is the IP address of the primary RADIUS server. The default TCP port value is 1812. If there is a shared secret for the transactions, then enter the value in the Shared Secret box.

PL0356

©2003TycoElectronics

Issue 1

Page 24 Page 26
Image 25
Page 24 Page 26
Contents Part Number Table Of Contents Ssid Wireless MenusIntroduction Key Features and BenefitsSupplied Items WPADeclaration of Conformity FCC ComplianceOther Regulatory Statements General Operational RequirementsDisclaimer WarrantySupport Wlan Security Installation PracticeDo I Need a Site Survey ? Location GuidelinesLED Indicators Access Point PortsReset Indicator Function PowerDesk Mounting the Access Point Wall Mounting the Access PointUnit Information Getting Started Configuring your PCInternet Protocol Properties Screen Connecting To The Access PointAccess Point Main Screen Wireless Configuration Menu- Basic Settings Web Browser Menu Menu SystemsSerial Console Menu Telnet Menu Password Settings Administrator SettingsSystem Menu Idle Time OutTftp Upgrade Firmware UpgradeWeb Upgrade Configuration ToolsRestore Factory Default Configuration Backup Settings / Restore Settings ResetStatus Dhcp Settings LAN SettingsLAN Menu IP AddressDhcp Client List DNS SettingsFiltering Mode Function MAC Address Filtering Access Control ListFiltering Menu Menu Mode Function Wireless MenusWireless Mode 11a Menu OptionAdvanced Settings Authentication Primary Radius Server Authentication Server IP Re-authentication Time802.1X Short Preamble 802.11g Menu Option802.11g Stations Only Protection ModeProtection Rate Protection Type802.1x Status Status Menu OptionSnmp Menu Access RightSnmp Community CommunitySnmp MIB Support Snmp TrapGenerated Traps 255.255.255.0 Fault-Finding and FAQsPing 192.168.1.1 -t Pin No Power Function Power SuppliesCSMA/CA Product Specifications
Top Page Image Contents