4.If necessary, select a security association from those displayed and click the Delete button to remove it.
6.9Configuring the Radius Server
Remote Authentication
Radius Overview on page 6-62.
Setting up Radius on the switch entails the following:
•Defining the Radius Configuration
•Configuring Radius Authentication and Accounting
•Configuring Radius Users
•Configuring Radius User Groups
•Viewing Radius Accounting Logs
NOTE: For hotspot deployment, Motorola recommends using the switch’s onboard Radius server and
6.9.1 Radius Overview
Radius enables centralized management of switch authentication data (usernames and passwords). When a MU attempts to associate to the Radius supported switch, the switch sends the authentication request to the Radius server. The communication between the switch and server are authenticated and encrypted through the use of a shared secret password (not transmitted over the network).
The switch’s local Radius server stores the authentication data locally, but can also be configured to use a remote user database. A Radius server as the centralized authentication server makes is an excellent choice for performing accounting. Radius can significantly increase security by centralizing password management.
The switch can be configured to use its own local Radius server or an external Radius server you define and configure within the switch managed network. For information on the benefits and risks of using the switch’s resident Radius Server as opposed to an external Radius Server, see Using the Switch’s Radius Server Versus an External Radius on page
NOTE: When restarting or rebooting the switch, the Radius server will also be restarted regardless of its state before the reboot.
The Radius server is used to define authentication and authorization schemes for granting the access to wireless clients. Radius is also used for authenticating hotspot and remote VPN Xauth. The switch can be configured to use 802.1x EAP for authenticating wireless clients with a Radius server. The following EAP authentication types are supported by the onboard Radius server:
•TLS
•TLS and MD5
•TTLS and PAP