D-Link DWS 3000 user manual Configuring Radius Settings for Wireless Clients

D-Link Unified Access System User Manual

Configuring RADIUS Settings for Wireless Clients

You can configure D-Link Access Points to use 802.1x authentication on the RADIUS server to allow or deny specific users on client stations access to the wireless network. If you enable 802.1x authentication, the client entry on a RADIUS server can support user-based VLANs and subnet assignments for IP tunneling. Table 61 shows the attributes to set for wireless clients within the RADIUS server.

Table 61. RADIUS Attributes for Wireless Clients

Configuring RADIUS for Client MAC Authentication

You can configure the AP to use RADIUS-based MAC authentication to allow or deny specific client stations access to the wireless network. Although this method is less secure than 802.1x, you can use it for client stations that do not support 802.1x.

The addresses you enter are either allowed or denied based on the global default action within the AP profile.

Table 62 indicates the attributes that you configure in the RADIUS server entry.

Table 62. RADIUS Attributes for Wireless Client MAC Authentication

FreeRADIUS Example for Wireless Client

Configuration

You can use an external RADIUS server, such as a server running FreeRADIUS, to authenticate users who attempt to connect to an access point. The authentication is based on the username and password, and not the wireless client used for access. The RADIUS server can also assign the user to a VLAN after he or she is authenticated by the server.

In addition to user-based authentication, you can configure MAC-based authentication to allow or deny wireless clients access to the AP based on the MAC address of the client.

184 © 2001- 2006 D-Link Corporation/D-Link Systems, Inc. All Rights Reserved.