SmartBridges sB3210 manual Install Windows XP Certificates and Setup Client for TLS

Page 48

i n t e l l i g e n t

w i r e l e s s

p l a t f o r m

dh_file = /usr/local/radius/etc/1x/dh

random_file = /usr/local/radius/etc/1x/random fragment_size = 1024

include_length = yes

}

No other changes are needed in radiusd.conf for TLS.

d. Server Certificates, DH File, and Random File – we added a new directory 1x in the radius etc directory, and then copied the server certificates (root.pem and cert-srv.pem) into the directory. Finally, we used the following trick to produce dh and random:

date > dh date > random

If you prefer, use your keyboard to enter some random characters in these files. Or even better, use the OpenSSL tools to produce the random information for these files.

e. Run-Radius -- The only server addition remaining is wrapper for radiusd. We added a new file run- radius in the /usr/local/radius/sbin directory. The script is from Document 3:

-----Wrapper Script ------------------------------------

#!/bin/sh -x

LD_LIBRARY_PATH=/usr/local/openssl/lib

LD_PRELOAD=/usr/local/openssl/lib/libcrypto.so

export LD_LIBRARY_PATH LD_PRELOAD

/usr/local/radius/sbin/radiusd $@

---------------------------------------------------------

After entering and saving the script, make run-radius executable:

chmod u=rwx run-radius

The server is complete.

4. Install Windows XP Certificates and Setup Client for TLS

The Windows XP certificates need to be installed, and client needs to be configured. We recommend that you follow Raymond McKay's example in Document 3, Section 10, XP Client (Supplicant) Setup. When this step is complete, the client is ready.

5. AP Setup

The AP configuration needs to be modified. This is the setup we used with our ZyXEL B-1000v2. (We assume that the B-1000 has been configured previously to use WEP keys and MAC addresses.)

At the wireless 802.1x tab:

Wireless Port Control = Authentication Required

ReAuthentication Timer = 1800 seconds

Idle Timeout = 3600 seconds

Authentication Database = RADIUS only

Dynamic WEP Key Exchange = 128-bit WEP

airPoint™ Nexus User Configuration Guide

Page 48 of 55

 

Page 47 Page 49
Image 48
Page 47 Page 49
Contents AirPoint Nexus SB3210 VersionTable of Contents About This Document Overview of User GuideRelated Publications Technical Support Center AirPoint Nexus Configuration Features IntroductionSystem Requirements Checklists Pre-Installation Checklist for airPointParameters Units Site a Site B Economical One radio model sB3210Signature of Engineer Name Date Post-Installation Checklist for airPoint RssiChecklist Parameters Units Site a Site B AirPoint Configuration User Login and License AgreementLicense Agreement Web GUI Administrator Password Change Description of Parameters DescriptionsUsing the Configuration Pages Navigation Menu BarEditable Boxes for Parameter Editing Description of Menus Menu Item Menu Sub-itemsMenu Item Menu Sub-items Description NoneWEP Only Internal ACLTools Help AirPoint Bridge Configuration Parameters Ethernet ConfigurationsWireless Configuration AirPoint Bridge Wireless Settings Wireless Settings Items DescriptionsRadio Protocol Items DescriptionsRadio Protocol Parameters AirPoint Bridge Performance Settings Bridge Configuration Configuring Spanning Tree Protocol STPDefault STP Values Setting Default Value Range Purpose Setting Default Value Range Purpose T e l l i g e n t R e l e s s A t f o r m 11 Bridge Configuration WEP only Wireless Equivalent Privacy SecurityWDS Table T e l l i g e n t R e l e s s A t f o r m Internal ACL with WEP disabled External ACLRadius & Internal ACL External ACL Radius & Internal ACL WPA-RadiusWPA radius Traffic Statistics Traffic StatisticsSystem Configuration ToolsSystem Configuration Descriptions Snmp SecurityReset Options Snmp Security ConfigurationNTP Time Server Setup Delayed ResetNTP Time Settings Profile ManagerSave Profile Profile Manager Menu ItemsLoad Operating Profile Profile CalendarLink Test Ping Test ResultLink Budget Planning Throughput Test Result10 Link Budget Planning Calculator Link Budget Firmware Upgrade AirPoint Nexus Firmware UpgradeSuccessful upgrade pop-up window Appendix a Configuration of the Radius Server Produce Certificates T e l l i g e n t R e l e s s A t f o r m Configure Server for TLS Install Windows XP Certificates and Setup Client for TLS Test TLS Change Windows XP for Peap Appendix B Useful terms and definitions Abbreviations AcronymsWPA Snmp Appendix C Snmp Trap Appendix D License
Top Page Image Contents