Prestige 2602HWNLI-D7A Support Notes

Using External RADIUS Authentication Server

In addition to the internal authentication server inside ZyXEL AP, you can use external RADIUS authentication server to centrally manage the user account profile. RADIUS is based on a client-server model that supports authentication, authorization and accounting. The wireless AP is the client and the server is the RADIUS server.

The authenticator includes the RADIUS client, which is responsible for encapsulating and decapsulating the Extensible Authentication Protocol (EAP) frames and interacting with the authentication server. When the authenticator receives EAPOL frames and relays them to the authentication server, the Ethernet header is stripped and the remaining EAP frame is re-encapsulated in the RADIUS format. The EAP frames are not modified or examined during encapsulation, and the authentication server must support EAP within the native frame format. When the authenticator receives frames from the authentication server, the server’s frame header is removed, leaving the EAP frame, which is then encapsulated for Ethernet and sent to the supplicant. When the client supplies its identity, the authenticator begins its role as the intermediary, passing EAP frames

118

All contents copyright (c) 2007 ZyXEL Communications Corporation.

Page 118
Image 118
ZyXEL Communications 2602HWNLI-D7A manual ∙ Using External Radius Authentication Server