6.The client validates the digital certificate, and replies its own digital certificate to the RADIUS server.

7.The RADIUS server validates client’s digital certificate.

8.The client and RADIUS server derive encryption keys.

9.The RADIUS server sends WRT-410 a RADIUS ACCEPT message, including the client’s WEP key.

10.WRT-410 sends the client an EAP Success message along with the broadcast key and key length, all encrypted with the client’s WEP key.

4.2 RADIUS Server Setup

4.2.1 Required Services

After Windows 2000 server has been installed, please install Service Pack 2 also and other latest security patch.

Furthermore, the following service components are needed:

nActive Directory (Please consult with your network administrator or an engineer who is familiar with Windows 2000 server to install Active Directory; otherwise your system or network might be unstable.)

nIAS (Internet Authentication Service)

nWeb Server (IIS)

nCertificate Service

4.2.2 Setup Procedure

1.Login into Windows 2000 Server as Administrator, or account that has Administrator authority.

2.Go to Start > Control Panel, and double-clickAdd or Remove Programs”.

3.Click on “Add/Remove Windows components”.

4.Check “Certificate Services”, and click “Next” to continue.

5.Select “Enterprise root CA”, and click “Next” to continue.

-32 -