120
RADIUS Server Configuration
If using WPA2-Enterprise mode, the RADIUS server on your network must be configured as
follows:
•
It must provide and accept certificates for user authentication.
•
There must be a client login for the wireless access point itself.
•
The wireless access point will use its default name as its client login name. (However, your
RADIUS server may ignore this and use the IP address instead.)
•
The Shared Key, set on the Security screen of the access point, must match the Shared
Secret value on the RADIUS server.
•
Encryption settings must be correct.
802.1x Server Setup (Windows 2000 Server)
This section describes using Microsoft Internet Authentication Server as the RADIUS server,
since it is the most common RADIUS server available that supports the EAP-TLS authentication
method.
The following services on the Windows 2000 Domain Controller (PDC) are also required.
•
dhcpd
•
dns
•
rras
•
webserver (IIS)
•
RADIUS Server (Internet Authentication Service)
•
Certificate Authority
Windows 2000 Domain Controller Setup
1.
Run dcpromo.exe from the command prompt.
2.
Follow all of the default prompts, ensure that DNS is installed and enabled during
installation.
Services Installation
1.
Select the Control Panel > Add/Remove Programs.
2.
Click Add/Remove Windows Components from the left side.
3.
Ensure that the following components are selected.
•
Certificate Services—After enabling this, you will see a warning that the computer
cannot be renamed and joined after installing certificate services. Select Yes to
select certificate services and continue
To Next Page
Loading...
