Services Configuration 9 - 49
the external LDAP server resource. Therefore, up to two LDAP agents can be provided locally so remote LDAP authentication
can be successfully accomplished on the remote LDAP resource using credentials maintained locally.
8. Set the following Session Resumption/Fast Reauthentication settings to define how server policy sessions are
re-established once terminated and require cached data to resume:
9. Select OK to save the settings to the server policy configuration. Select Reset to revert to the last saved configuration.
10. Select the Client tab and ensure the Activate RADIUS Server Policy button remains selected.
The access point uses a RADIUS client as a mechanism to communicate with a central server to authenticate users and
authorize access.
The client and server share a secret (a password). That shared secret followed by the request authenticator is put through
a MD5 hash to create a 16 octet value used with the password entered by the user. If the user password is greater than 16
octets, additional MD5 calculations are performed, using the previous ciphertext instead of the request authenticator. The
server receives a RADIUS access request packet and verifies the server possesses a shared secret for the client. If the
server does not possess a shared secret for the client, the request is dropped. If the client received a verified access accept
packet, the username and password are considered correct, and the user is authenticated. If the client receives a verified
access reject message, the username and password are considered incorrect, and the user is not authenticated.
Username Enter a128 character maximum username for the LDAP server’s domain administrator.
This is the username defined on the LDAP server for RADIUS authentication requests.
Password Enter and confirm the 32 character maximum password (for the username provided
above). The successful verification of the password maintained on the controller or
service platform enables PEAP-MSCHAPv2 authentication using the remote LDAP
server resource.
Retry Timeout Set the number of Seconds (60 - 300) or Minutes (1 - 5) to wait between LDAP server
access requests when attempting to join the remote LDAP server’s domain. The default
settings is one minute.
Redundancy Define the Primary or Secondary LDAP agent configuration used to connect to the
LDAP server domain.
Domain Name Enter the name of the domain (from 1 - 127 characters) to which the LDAP server
resource belongs.
Enable Session Resumption Select the check box to control volume and the duration cached data is maintained by
the server policy upon the termination of a server policy session. The availability and
quick retrieval of the cached data speeds up session resumption. This setting is
disabled by default.
Cached Entry Lifetime Use the spinner control to set the lifetime (1 - 24 hours) cached data is maintained by
the RADIUS server policy. The default setting is 1 hour.
Maximum Cache Entries Use the spinner control to define the maximum number of entries maintained in cache
for this RADIUS server policy. The default setting is 128 entries.
To Next Page
Loading...
