Using WPA-802.1x, Radius Server Configuration | LevelOne WAP-0005

Wireless Access Point User Guide

Using WPA-802.1x

This is the most secure and most complex system.

802.1x mode provides greater security and centralized management, but it is more complex to configure.

Wireless Station Configuration

For each of the following items, each Wireless Station must have the same settings as the Wireless Access Point.

Mode	On each PC, the mode must be set to Infrastructure.

SSID (ESSID)	This must match the value used on the Wireless Access Point.
	The default value is wireless
	Note! The SSID is case sensitive.

802.1x	Each client must obtain a Certificate which is used for authentication for
Authentication	the Radius Server.
802.1x	Typically, EAP-TLS is used. This is a dynamic key system, so keys do
Encryption	NOT have to be entered on each Wireless station.
	However, you can also use a static WEP key (EAP-MD5); the Wireless
	Access Point supports both methods simultaneously.

Radius Server Configuration

If using WPA-802.1xmode, the Radius Server on your network must be configured as follow:

•It must provide and accept Certificates for user authentication.

•There must be a Client Login for the Wireless Access Point itself.

•The Wireless Access Point will use its Default Name as its Client Login name. (However, your Radius server may ignore this and use the IP address instead.)

•The Shared Key, set on the Security Screen of the Access Point, must match the Shared Secret value on the Radius Server.

•Encryption settings must be correct.

44

Image 48

LevelOne WAP-0005 manual Using WPA-802.1x, Wireless Station Configuration, Radius Server Configuration

Contents

Users Guide Page Table of Contents Wireless Access Point Overview General ProblemsOverview Wireless LAN Terminology Overview Command Reference Features of your Wireless Access Point Introduction Security Features Advanced Features Introduction Package Contents Physical Details Rear Panel Installation ProcedureRequirements Requirements Using PoE Power over Ethernet Using PoE Power over EthernetPage Access Point Setup Setup using the Windows UtilityInstallation Overview Wireless Access Points Buttons Setup Procedure Pass-phrase just works for Hex and not for Setup using a Web Browser Password Dialog If you cant connect Access Control Data Access Control ScreenButtons Trusted Wireless Stations Data Trusted Wireless Stations Security Profiles Select NoneEdit Add Data Security Profiles Screen ProfilePrimary Profile Isolation Wireless Band Security Profile ScreenProfile Data Security System Setup Security Settings None Radius MAC AuthenticationUsing MAC authentication Setup Radius-based MAC authentication Screen Data Radius-based MAC Authentication Screen UAM authentication Internal UAM authentication External UAM Screen Data UAM Screen Security Settings WEP Data WEP Screen Security Settings WPA-PSK Data WPA-PSK ScreenNetwork Key WPA Encryption Pairwise Key Update Group Key UpdateUpdate Group key When any membership Security Settings WPA-802.1x WPA-802.1x Wireless Security Data WPA-802.1x Screen WPA-802.1x Update Report Every Security Settings 802.1x Wireless Security Data 802.1x Screen 802.1x UAM System Screen Data System ScreenIdentification IP Address Wins Server Name/IP Address Wireless Screens Basic Settings ScreenData Basic Settings Screen Wireless Mode AP Mode Bridge ModeBroadcast Ssid MAC Address field Parameters Advanced Settings Data Advanced Settings ScreenBasic Rate Options 802.11b PC and Server Configuration Using WEPSecurity Using WPA-PSK Using WPA-802.1x Wireless Station ConfigurationRadius Server Configuration 802.1x 802.1x Server Setup Windows 2000 Server Windows 2000 Domain Controller SetupServices Installation Components Screen Dhcp server configuration CA Screen IP Address Screen Certificate Authority Setup Certificate Authority Screen Active Directory Screen Group Policy Screen Internet Authentication Service Radius Setup Service Screen Authentication Screen Remote Access Login for Users Dial-in Screen 802.1x Client Setup on Windows XP Client Certificate Setup Wireless CA Screen Identifying Information Screen 802.1x Authentication Setup Encryption Settings Wireless Networks Screen Enabling Encryption Properties Screen Using 802.1x Mode without WPA Operation and Status OperationStatus Screen Access Point WirelessData Status Screen Security Profiles 4GHz Wireless Statistics ScreenData Statistics Screen System Up Time Multicast Packets ManagementControl Profile Status BandClients Activity Log Data Activity LogData Station List Data Station List ScreenStation List Refresh Button Access Point Management Admin Login Screen Data Admin Login Screen LoginAdmin Connections Auto Config/Update Data Auto Config/Update ScreenConfiguration on this AP Perform Auto Auto Update Config File Data Config File ScreenBackup Restore Defaults Revert to factory Log Settings Syslog Data Log Settings Screen Enable Detection Rogue APsData Rogue AP Screen Data Snmp Screen GeneralManagers Traps Upgrade Firmware To perform the Firmware Upgrade Specifications Wireless Access PointHardware Specifications Wireless Specifications Software Specifications Feature Details Message Log FCC Statement FCC Radiation Exposure Statement Troubleshooting General ProblemsTo Find the Access Points IP Address Wireless Access Point User Guide Checking TCP/IP Settings Windows 9x/ME Windows TCP/IPNormally, no changes need to be made Using Dhcp Using Specify an IP Address Checking TCP/IP Settings Windows NT4.0 Windows NT4.0 TCP/IP Obtain an IP address from a Dhcp Server Checking TCP/IP Settings Windows Network Configuration Win Using a fixed IP Address Use the following IP Address Checking TCP/IP Settings Windows XP Network Configuration Windows XP Using Dhcp About Wireless LANs Wireless LAN TerminologyAd-hoc Mode Infrastructure Mode Channels WPA-802.1x 802.1x Command Line Interface Using the CLI TelnetUsing the CLI Serial Port Command Reference CLI Port Settings Wireless Access Point User Guide Display 11g Beacon Rate Wireless Access Point User Guide Mem -- system memory statistics Set 11g Beacon Rate Appendix C Windows TCP/IP Wireless Access Point User Guide