AT-TQ2403 Management Software User's Guide

243

 

 

Note: RADIUS accounting is not supported by the built-in server, so if you are using the built-in server make sure that RADIUS accounting is off.

Feature or Setting

CLI Command

 

 

To enable RADIUS accounting:

set bss wlan0bssInternal radius-accounting on

 

 

To disable RADIUS accounting:

set bss wlan0bssInternal radius-accounting off

 

 

For our example, we’ll enable RADIUS accounting for our external RADIUS server:

AT-TQ2403# set bss wlan0bssInternal radius-accounting on

8. Allow Non-WPA Clients

You can let non-WPA (802.11), un-authenticated client stations use this access point by setting the "wpa- allowed" option to "on".

Feature or Setting

CLI Command

 

 

To allow non-WPA clients:

set bss wlan0bssInternal wpa-allowed on

 

 

To disallow non WPA clients:

set bss wlan0bssInternal wpa2-allowed off

 

 

For our example, we’ll allow non-WPA clients:

AT-TQ2403# set bss wlan0bssInternal wpa-allow-non-wpa-stations on

9. Get Current Security Settings After Re-Configuring to WPA/WPA2 Enterprise (RADIUS)

Now we can use the "get" command again to view the updated security configuration and see the results of our new settings.

The following command gets the security mode in use on the Internal network:

AT-TQ2403# get interface wlan0 security wpa-enterprise

The following command gets details on how the internal network is configured, including details on security.

AT-TQ2403# get bss wlan0bssInternal detai

Property

Value

----------------------------------------------------------------

status

up

description

Internal

radio

wlan0

beacon-interface

wlan0

mac

00:01:02:03:02:00

dtim-period

2

max-stations

2007

ignore-broadcast-ssid

off

mac-acl-mode

deny-list