AT-TQ2403 Management Software User's Guide

235

 

 

5.Get Current Security Settings After Re-Configuring to IEEE 802.1x Security Mode

1.Set the Security Mode

AT-TQ2403# set interface wlan0 security dot1x

2. Set the Authentication Server

You can use the built-in authentication server on the access point or an external RADIUS server.

Note: To use the built-in authentication server, set the RADIUS IP address to that used by the built-in server (127.0.0.1) and turn RADIUS accounting off (because it is not supported by the built-in server)

Feature or Setting

 

CLI Command

 

 

 

To set the AP to use the Built-in

 

set bss wlan0bssInternal radius-ip 127.0.0.1

Authentication Server:

 

 

 

 

 

To set the AP to use an External

 

set bss wlan0bssInternal radius-ip RADIUS_IP_Address

RADIUS Server:

 

where RADIUS_IP_Address is the IP address of an external RADIUS

 

 

 

 

server.

For this example we’ll set it to use the built-in server:

AT-TQ2403# set bss wlan0bssInternal radius-ip 127.0.0.1

3. Set the RADIUS Key (For External RADIUS Server Only)

If you use an external RADIUS server, you must provide the RADIUS key. (If you use the built-in authentication server the RADIUS key is automatically provided.)

This command sets the RADIUS key to secret for an external RADIUS server.

AT-TQ2403# set bss wlan0bssInternal radius-key secret

4. Enable RADIUS Accounting (External RADIUS Server Only)

You can enable RADIUS Accounting if you want to track and measure the resources a particular user has consumed such system time, amount of data transmitted and received, and so on.

Note: RADIUS accounting is not supported by the built-in server, so if you are using the built-in server make sure that RADIUS accounting is off.

Feature or Setting

CLI Command

 

 

To enable RADIUS accounting:

set bss wlan0bssInternal radius-accounting on

 

 

To disable RADIUS accounting:

set bss wlan0bssInternal radius-accounting off