5 Configuring Access Point Settings

address according to the validation mode (local or RADIUS) as long as the AP is enabled for Managed Mode and has been authentication (if required). Once the AP is verified, it becomes managed by the switch.

If an AP is discovered and its MAC address is not found in the Valid AP database or the AP fails to authenticate, the switch adds an entry to the AP failure list. If you use the local Valid AP database, you can add the failed AP to the Valid AP database directly from the AP Authentication Failures page.

The Valid AP database stores additional information about the AP along with its MAC address such as the AP mode, local authentication password, and the AP profile that the access point uses. You can also manually set the channel and RF signal transmit power level for an individual AP, which overrides the channel and power settings in the AP profile.

Configuring AAA and RADIUS Settings

In the D-Link Unified Access System, you can use a RADIUS server for the following functions:

Management of client-to-AP authentication and accounting

Management of AP-to-Switch authentication and accounting

Database for AP settings

The information in this section applies to the client-to-AP authentication and accounting management. For information about AP-to-switch management, see “Using the RADIUS Database for AP Validation” on page 74. For information about how to set AP database settings in the RADIUS server, see Appendix B, “Configuring the External RADIUS Server” on page 179.

The RADIUS server that you configure from the Administration > Basic Setup > AAA/RADIUS tab is the RADIUS server for the default AP profile. For each network, you can configure a unique RADIUS server or use the default RADIUS server.

Table 7 describes the fields you can configure for the default AP profile RADIUS server.

Table 7. Global RADIUS Server

Field

Description

IP Address

The RADIUS IP is the IP address of the RADIUS server the switch uses for

 

authentication.

 

 

Secret

The RADIUS Secret is the shared secret key for the RADIUS server. Click

 

the Edit check box to enter a secret. The text you enter will be displayed as

 

“*” characters to prevent others from seeing the RADIUS key as you type.

 

 

Accounting

RADIUS Accounting allows you to track and measure the resources a

 

particular user has consumed such as system time, amount of data

 

transmitted and received, and so on.

 

 

NOTE:If you access the RADIUS and MAC Authentication configuration information from the AP Profile page, the Profile Name field also appears. To rename the profile, delete the existing name and enter the new name in the field, then click Submit.

Configuring AAA and RADIUS Settings 79

Page 79
Image 79
D-Link DWS 3000 user manual Configuring AAA and Radius Settings, Global Radius Server, Secret, Accounting