Chapter 6: Configuring Security

Table 50. Security Parameter Descriptions (Continued)

Parameter

Description

 

 

 

 

Allow Telnet

Determines if users can use a telnet session (or

Access (Port 23)

communications program) to configure or

 

manage this access point.

 

Do not clear this check box if you plan to

 

configure the Telnet Gateway and allow wireless

 

clients to upgrade the access point over the telnet

 

port. For details, see page 210.

 

 

Allow SNMP

Determines if users can use MobileLAN manager

Access (Port 161/

or another SNMP management station to

162)

configure or manage this access point.

 

 

Allow TFTP Access

Determines if users can use TFTP clients to

(Read-Only)

exchange files with the access point.

 

 

Allow ICMP

Determines if users can use another program that

Configuration

uses ICMP echo (PING) to set the IP address or

 

restore factory defaults on this access point.

 

 

Allow Avalanche

Determines if users can use the Wavelink

Access

Avalanche client management system to manage

 

this access point.

 

 

Setting Up Logins To ensure login security for configuring or maintaining the access points, you should either use a password server (typically an EAS or another RADIUS server) or change the default user name and password.

To use the password server, you must have:

ˆa password server on the network that contains the user name/ password database. For help, see “Configuring the Access Point to Use a Password Server” on page 177. You can either configure an EAS or you can use an external RADIUS server as a password server.

ˆaccess points, which are the RADIUS clients.

If you use a password server, you enable RADIUS for login authorization. That is, when a user attempts to log in to the access point, the user must enter a user name and password. This login is sent through the RADIUS client (access point) to the RADIUS server. The server compares the login to its list of authorized logins. If a match is found, the server returns an access-accept frame and the user is logged in to the access point with read/write privileges.

If no RADIUS server is available when the user attempts a login and the Allow Service Password check box is checked, the service password is checked. If the login does not match the service password, the login fails.

176

Page 176
Image 176
Allied Telesis AT-WA7500, AT-WA7501 manual 176