35
Client access authentication
1. PSK authentication
To implement pre-shared key (PSK) authentication, the client and the authenticator must have
the same shared key configured. Otherwise, the client cannot pass the PSK authentication.
2. 802.1X authentication
As a port-based access control protocol, 802.1X authenticates and controls accessing devices
at the port level. A device that is connected to an 802.1X-enabled port of a WLAN access
control device can access the resources on the WLAN only after passing authentication.
3. MAC address authentication
MAC address authentication does not require any client software. The MAC address of a client
is compared against a predefined list of allowed MAC addresses. If a match is found, the client
can pass the authentication and access the WLAN. If no match is found, the authentication fails
and access is denied. The entire process does not require the user to enter a username or
password. This type of authentication is suited to small networks (such as families and small
offices) with fixed clients.
MAC address authentication can be done locally or through a RADIUS server.
{ Local MAC address authentication—A list of usernames and passwords (the MAC
addresses of allowed clients) is created on the wireless access device and the clients are
authenticated by the wireless access device. Only clients whose MAC addresses are
included in the list can pass the authentication and access the WLAN.
{ MAC address authentication through RADIUS server—The wireless access device
serves as the RADIUS client and sends the MAC address of each requesting client to the
RADIUS server. If the client passes the authentication on the RADIUS server, the client can
access the WLAN within the authorization assigned by the RADIUS server. In this
authentication mode, if different domains are defined, authentication information of different
SSIDs are sent to different RADIUS servers based on their domains.
For more information about access authentication, see Security Configuration Guide.
Protocols and standards
• IEEE Standard for Information technology—Telecommunications and information exchange
between systems— Local and metropolitan area networks— Specific requirements -2004
• WI-FI Protected Access—Enhanced Security Implementation Based On IEEE P802.11i
Standard-Aug 2004
• Information technology—Telecommunications and information exchange between
systems—Local and metropolitan area networks—Specific requirements—802.11, 1999
• IEEE Standard for Local and metropolitan area networks "Port-Based Network Access Control"
802.1X™- 2004
• 802.11i IEEE Standard for Information technology—Telecommunications and information
exchange between systems—Local and metropolitan area networks—Specific requirements
Hardware compatibility with WLAN
WLAN is not available on the following routers:
• MSR 2600.
• MSR 30-11.
• MSR 30-11E.
• MSR 30-11F.
To Next Page
Loading...
Need help?
General
