WFS709TP ProSafe Smart Wireless Switch Software Administration Manual

You can terminate the 802.1x authentication on the WFS709TP. The switch passes user authentication to its internal database or to a “backend” non-802.1x server. This feature, also called AAA FastConnect, is useful for deployments where an 802.1x EAP-compliant RADIUS server is not available or required for authentication.

Authentication with a RADIUS Server

Figure 7-1is an overview of the parameters that you need to configure on authentication components when the authentication server is an 802.1x EAP-compliant RADIUS server.

Client

WFS709TP

 

 

 

Authentication

(Supplicant)

(Authenticator)

 

 

 

 

 

 

server

 

 

 

 

 

 

 

 

 

 

 

 

EAP type

 

 

 

 

 

 

 

 

 

EAP type

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Server IP

 

 

 

Client IP

 

 

 

 

 

Shared secret

 

 

 

Shared secret

 

 

 

 

 

Auth port

 

 

 

 

 

 

 

 

 

Acct port

 

 

 

 

 

 

 

 

 

 

 

 

 

 

ESSID

ESSID

 

 

 

 

Network authentication

Network authentication

Data encryption

Data encryption

 

 

 

 

Figure 7-1

The supplicant and authentication server must be configured to use the same EAP type. The WFS709TP does not need to know the EAP type used between the supplicant and authentication server.

7-2

Configuring 802.1x Authentication

v1.0, June 2007

Page 125 Page 127
Page 126
Image 126
NETGEAR WFS709TP-100NAS manual Authentication with a Radius Server, Client, Network authentication Data encryption
Page 125 Page 127
Top Page Image Contents