Fortress Technologies ecure Wireless Access Bridge 3.4 802.1X Server and LAN Port Settings

Fortress Bridge: Configuration

3.4 802.1X Server and LAN Port Settings

NOTE: The RADI-

US server internal

to the Bridge cannot be

used for 802.1X authen-

tication.

The Fortress Bridge can be used with an external 802.1X

authentication server and its internal switch ports can be

individually configured to allow or block 802.1X traffic.

The Fortress Bridge supports non-802.1X authentication

through a separate and unrelated set of configuration settings.

The global settings for non-802.1X authentication are

described in Section 3.6.6. Individual non-802.1X device and

user authentication settings are described in sections 4.1 and

4.2, respectively.

3.4.1 802.1X Authentication Server

When an 802.1X authentication server is configured for it, the

Bridge acts as an 802.1X authenticator, conveying 802.1X

queries and responses between 802.1X supplicants and the

configured authentication server.

NOTE: If you are

using both RADI-

US and 802.1X authenti-

cation services, they can

run on the same exter-

nal server, but you must

enter the server’s set-

tings both on the

SECURI-

TY SETTINGS screen (in

the AUTHENTICATION SET-

TINGS section) and on the

INTERFACES screen (in the

802.1X AUTHENTICATION

SERVER frame).

In order to support 802.1X authentication—whether for

wireless (802.1X Security in Section 3.3.4.5) or wired devices

(Section 3.4.2)—the Bridge must be configured to use an

external, 802.1X authentication server.

Certain other VAP Security Suite settings—specifically those

WPA and WPA2 options that do not use PSK (pre-shared key

mode)—also require the use of an 802.1.X authentication

server. (Possible VAP Security Suite settings are described in

detail in Section 3.3.4.5.)

Finally, even in configurations that do not require the use of an

802.1X authentication server, the fields that configure the

server cannot be empty. In these instances, you can leave

the default 802.1X authentication servers settings in place,

without reference to an actual 802.1X server.

Before configuring the Bridge to use the 802.1X authentication

server, you should first configure the service to use the Bridge

as an 802.1X authenticator (refer to your 802.1X server

documentation for guidance).

To configure the Bridge for use with

an external 802.1X authentication server:

1Log on to the Bridge GUI admin account and select

INTERFACES from the menu on the left.