62 CHAPTER 4: CONFIGURING THE WIRELESS STATIONS
■ A client logon account for the Access Point must be configured on the
RADIUS server.
■ The Access Point normally uses its default name as its client logon
name. However, the RADIUS server may ignore this and use the IP
address instead.
■ The shared secret value on the RADIUS server must match the
shared key that was configured on the Access Point.
■ The encryption settings on the RADIUS server must be correct.
Configuring the
Wireless Stations
After configuring the RADIUS server, configure the security settings on
the wireless stations so that they match the security settings specified on
the Access Point.
Table 15
lists the settings that you need to configure on the wireless
stations for WPA-802.1x
For specific instructions on how to configure these settings, refer to the
documentation that came with the wireless network adapter that is
installed on the wireless station.
Using 802.1x To use 802.1x for client authentication on your wireless network, you
need to:
■ Set up a Microsoft Internet Authentication Server as RADIUS server
Table 15 Client Wireless Settings When Using WPA-802.1x
Setting Description
Mode The wireless station must be set to infrastructure mode (not
ad hoc mode).
SSID (ESSID) The SSID must match an SSID that is specified on the Access
Point. The default SSID is 3Com.
NOTE: The SSID is case-sensitive.
802.1x
Authentication
The wireless station must obtain a certificate, which it will to
authenticate itself with the RADIUS server.
802.1x Encryption Normally, EAP-TLS is used for encryption. This is a dynamic
key system, so keys do not have to be entered on each
wireless station.
If preferred, you can also use a static WEP key (EAP-MD5) for
data encryption. The Access Point supports simultaneous use
of both encryption methods.
To Next Page
Loading...
