7-64
Wireless Security Configuration
Web Authentication for Mobile Users
■ Web-Auth settings are included in the Group Configuration Parameter
Block, and are shared when Group Configuration is enabled (see
“Managing Group Configuration” on page 5-63).
■ When using Web-Auth, users must disable any proxy server for their web
browser.
Configuration Summary
Configuring the AP-530 to provide mobile clients with Web-Auth requires
several steps:
1. Configure the WLAN-SSID and VLAN ID (as described in Chapters 5 and
6).
2. Optionally, configure static WEP or WPA-PSK security (as described in
“Establishing Security” on page 7-16).
3. Specify the RADIUS server that will authenticate registered users and the
global guest user account (as described in “Configuring RADIUS Client
Authentication” on page 7-32).
4. Configure the Web-Auth guest credentials if you are using Guest Login.
5. Configure the Web-Auth temporary IP address pool.
6. Configure Web-Auth for the WLAN.
a. Select a login type: User Login, Guest Login, or both.
b. Specify the redirect URL and retry limit.
c. Accept the default screen fields or customize them for your environ-
ment.
d. Enable Web-Auth.
Web: Configuring the Global Address Pool
The Web Authentication screen shown in Figure 7-17 configures the range of
temporary IP addresses reserved for Web-Auth users.
You can modify these parameters:
■ Starting IP Address: Specifies the first IP address in the range of
temporary IP address to be assigned to the Web-Auth temporary address
pool.
■ Subnet Mask: Specifies the subnet mask that defines the extent of the
range of IP address in the address pool.
■ Lease Time: Specifies the lease, in seconds, granted to Web-Auth tempo-
rary addresses.
To Next Page
Loading...
