Authentication Server, Internal DB | NETGEAR WFS709TP-100NAS

WFS709TP ProSafe Smart Wireless Switch Software Administration Manual

The Layer 2 encryption depends upon the authentication method chosen (Table 5-2).

Table 5-2. Encryption Options by Authentication Method

Authentication Method	Encryption Option

None	Open (Null) or Static WEP

802.1x	Dynamic WEP

WPA or WPA-PSK	TKIP

WPA2, WPA2-PSK, or xSec	AES

Combination of WPA or WPA-PSK and WPA2 or	Mixed TKIP/AES
WPA2-PSK

For more information about data encryption options for the WLAN, see “Encryption” on page 1-10.

Authentication Server

If an external authentication server, such as a RADIUS server, will be used to validate the wireless user, the server administrator must configure the server to support this authentication. The administrator must also configure the server to allow communication with the WFS709TP.

If the internal database in the WFS709TP will be used to validate the wireless user, you must configure user entries in the database.

Table 5-3is a summary of the authentication servers that you can configure for each authentication type in your WLAN.

Table 5-3. Supported Authentication Servers by Authentication Types

Authentication Type		Authentication Servers

	RADIUS		LDAP	Internal DB
	RADIUS		LDAP	Internal DB

802,1x	Yes		Yes**	Yes*

WPA	Yes		Yes**	Yes*

WPA-PSK	N/A		N/A	N/A

WPA2	Yes		Yes**	Yes*

WPA-PSK2	N/A		N/A	N/A

Captive Portal	Yes		Yes	Yes

MAC	Yes		Yes	Yes

* Only when the AAA FastConnect feature is enabled. See “Configuring 802.1x Authentication” on page 7-4.

Configuring WLANS

5-3

v1.0, June 2007

Image 99

NETGEAR WFS709TP-100NAS manual Supported Authentication Servers by Authentication Types, Internal DB

Contents

NETGEAR, Inc Certificate of the Manufacturer/Importer Technical SupportTrademarks Statement of Conditions Japan United StatesCanada Europe Rest of World Lithium Battery Safety NoticeKorea Australia/New Zealand China RoHS European Union RoHS Publication Date June Product Family Wireless Product Name Product and Publication DetailsModel Number Contents Chapter Configuring Network Parameters Chapter Configuring Wlans Chapter Configuring MAC-Based Authentication Appendix a Configuring Dhcp with Vendor-Specific Options Appendix D Related Documents Index Conventions, Formats, and Scope About This Manual How to Print this Manual How to Use This Manual Revision History Xvi About This Manual Netgear ProSafe Access Points Chapter Overview of the WFS709TPWFS709TP System Components WFS709TP WFS709TP Wireless clients Floor Wiring closet InternetData center Automatic RF Channel and Power Settings RF Monitoring WFS709TP ProSafe Switches V1.0, June WFS709TP Software Netgear Wireless APs Local WFS709TP Master WFS709TP Authentication Basic Wlan Configuration V1.0, June Encryption Options by Authentication Method Authentication Method Encryption OptionEncryption Vlan Netgear AP Floor Wiring closet Internet Association Wireless Client Access to the Wlan Captive Portal 802.1x Authentication Client Mobility and AP Association MAC Address Authentication Configuring and Managing the WFS709TP V1.0, June Menu Description Configuration ToolTools Browser Interface Tools Wlan Configuration Pages Basic V1.0, June Deployment Scenario #1 Configuration OverviewRouter is default gateway for WFS709TP and clients Chapter Deploying a Basic WFS709TP System Deployment Scenario #2 Run the initial setup seeRun the Initial Setup on Deployment Scenario #3 Configuring the WFS709TP Run the Initial Setup V1.0, June Configure the Switch for the Access Points V1.0, June Create the Vlan Configure a Vlan for Network Connection Configure the Trunk Port Connect the WFS709TP to the Network Configure the Default Gateway Configure the Loopback for the WFS709TP Deploying APs Enable APs to Obtain IP Addresses Enable APs to Connect to the WFS709TP Locate the WFS709TP V1.0, June Provision APs Install APs V1.0, June Additional Configuration Chapter Configuring Network Parameters Configuring VLANsCreating a Vlan Assigning a Static Address to a Vlan Internet Configuring a Vlan to Receive a Dynamic AddressCable modem or Bras To local Default Gateway from Dhcp Enabling the Dhcp ClientDNS/WINS Server from Dhcp Configuring Static Routes Configuring the Loopback IP Address V1.0, June V1.0, June RF Plan Overview Chapter RF Plan Before You Begin Task OverviewPlanning Requirements Using RF Plan Building List Building Specification Overview Building Dimension V1.0, June AP Modeling Parameters Radio Type Overlap FactorDesign Model AM Modeling Parameters UsersRates Monitor Rates Planning Floors Zoom Coverage Coverage RateFloor Editor Dialog Box Area Editor Dialog Box V1.0, June Access Point Editor V1.0, June Initialize AP Planning Viewing the Results Start AM Planning Export Buildings Exporting and Importing Files Import Buildings Locate Sample Building RF Plan Example Building Planning Specifications Create a BuildingText Box Information Model the Access Points Add and Edit a Floor Model the Air Monitors Defining Areas Create a Don’t Care Area Create a Don’t Deploy Area Running the AP Plan Running the AM Plan Click Save V1.0, June Chapter Configuring Wlans Determine the Authentication Method Authentication MethodsMethod Description Internal DB Authentication ServerSupported Authentication Servers by Authentication Types Authentication Type Authentication Servers Determine the Default Vlan Basic Wlan Configuration in the Browser Interface V1.0, June Parameter Definition Wlan Basic Configuration Parameters Parameter Definition Example Configuration V1.0, June Configuring Global Parameters Advanced Wlan Configuration in the Browser Interface Add or Modify SSIDs Configuring Location-Specific Parameters Advanced Ssid Configuration Settings Default Ssid Configure AP Information V1.0, June Configuring Radio Settings V1.0, June V1.0, June Example Configuration V1.0, June IntelliFi RF Management Channel SettingPower Setting Advantages of Using IRM Configuring IRM V1.0, June V1.0, June Parameter Description Chapter Configuring AAA ServersConfiguring an External Radius Server Radius Server Configuration Information Configuring AAA Servers Internal Database Entry Information Adding Users to the Internal Database Logon User Lifetime Configuring Authentication Timers V1.0, June V1.0, June 802.1x Authentication Chapter Configuring 802.1x Authentication Client Authentication with a Radius ServerAuthentication Network authentication Data encryption Internal database Authentication Terminated on WFS709TPAuthentication via User Configuring 802.1x Authentication 802.1x Authentication 1x Authentication Browser Interface Page OptionsParameter Description Default Advanced Configuration Options for Field Description Default Advanced Authentication Fields 500 Overview of Captive Portal Functions Chapter Configuring the Captive Portal Configuring Captive Portal Configuring Advanced Captive Portal Options Enabled Changing the Protocol to Http Configuring the AAA Server for Captive Portal Personalizing the Captive Portal V1.0, June V1.0, June Configuring MAC-Based Authentication Configuring Users V1.0, June V1.0, June Chapter Adding Local WFS709TPs Moving to a Multi-Switch Environment Configuring Local WFS709TPs Configuring the Local WFS709TPConfiguring L2/L3 Settings Configuring APs Configuring Trusted Ports Rebooting APs Chapter Configuring Redundancy Redundancy ConfigurationVirtual Router Redundancy Protocol Configuring Local WFS709TP Redundancy Parameter Explanation Expected or Recommended Values Vrrp Parameters for Local WFS709TP Redundancy Master WFS709TP Redundancy Association Function Switch ID Master-Local WFS709TP RedundancyVrrp Associations Network MasterVlan 1, 2, ... N Layer Configuring Redundancy 11-7 11-8 Configuring Redundancy Rogue/Interfering AP Detection Configuring Wireless Intrusion Protection Classifying APs Enabling AP Learning Configuring Wireless Intrusion Protection 12-3 Configuring Rogue AP Detection AP ClassificationsFIeld Description Misconfigured AP Detection Configuring Misconfigured AP ProtectionValid Channel Types 12-6 Configuring Wireless Intrusion Protection Configuring Management Users Chapter Configuring Management Utilities Field Description Expected/Recommended Value Configuring SnmpSnmp for the WFS709TP Basic WFS709TP Snmp Parameters SNMPv3 User Details Snmp for Access Points Field Description Expected/Recommended Values Basic Access Point Snmp Parameters Traps on page 13-9 for a complete list SNMPv3 Access Point User Details Configuring Management Utilities 13-7 13-8 Configuring Management Utilities Trap Description Priority Level Snmp TrapsWFS709TP Traps WFS709TP Snmp Traps Access Point Snmp Traps Access Point/Air Monitor Traps Configuring Management Utilities 13-11 Configuring Logging WFS709TP ModulesModule Description Configuring Management Utilities 13-13 Creating Guest Accounts Configuring Management Utilities 13-15 Server Type Configuration Managing Files on the WFS709TPServers for File Transfer Backing Up and Restoring the Flash File System Managing Image Files Copying Other Files Copying Log Files Installing a Server Certificate 13-20 Configuring Management Utilities Voice over IP Proxy ARP Chapter Configuring WFS709TP for Voice Battery Boost Limiting the Number of Active Voice Calls WPA Fast Handover Overview Appendix a Configuring Dhcp with Vendor-Specific Options Windows-Based Dhcp Servers Configuring Option Figure A-1 Figure A-2 Linux Dhcp Servers V1.0, June V1.0, June Window XP Wireless Client Example Configuration Appendix B Windows Client Example Configuration for Figure B-1 V1.0, June Figure B-3 Figure B-4 Figure B-5 Figure B-6 V1.0, June Creating a New Internal Web Appendix C Internal Captive Portal Username Password Html Head Body Basic Html Example Displaying Authentication Error Message Installing a New Captive Portal V1.0, June Language Customization Head TitlePortal Login/title Replace this with a link like the following Div id=errorbox style=display none V1.0, June Figure C-1shows a sample of a translated Figure C-2 Customizing the Welcome V1.0, June Customizing the Pop-Up Box Customizing the Logged Out Box V1.0, June Document Link Appendix D Related Documents V1.0, May Numbers Index Netgear FrameMaker Templates for the Reference Print Manual Index Index-3 Index-4