EasyManuals Logo
Home>Siemens>Wireless Access Point>SCALANCE W1750D UI

Siemens SCALANCE W1750D UI User Manual

Siemens SCALANCE W1750D UI
570 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #222 background imageLoading...
Page #222 background image
Authentication and User Management
14.6 Configuring Authentication Survivability
SCALANCE W1750D UI
222 Configuration Manual, 02/2018, C79000-G8976-C451-02
14.6
Configuring Authentication Survivability
The authentication survivability feature supports a survivable authentication framework
against any remote link failures when working with external authentication servers. When
enabled, this feature allows the APs to authenticate the previously connected clients against
the cached credentials if the connection to the authentication server is temporarily lost.
SCALANCE W supports the following EAP standards for authentication survivability:
EAP-PEAP
: The Protected Extensible Authentication Protocol, also known as Protected
EAP or PEAP, is a protocol that encapsulates EAP within a potentially encrypted and
authenticated Transport Layer Security (TLS) tunnel.
The EAP-PEAP supports MS-
CHAPv2 and GTC methods.
EAP-TLS
: EAP-Transport Layer Security (EAP-TLS) is an IETF open standard that uses
the Transport Layer Security (TLS) protocol.
When the authentication survivability feature is enabled, the following authentication process
is used:
1. The client associates to an AP and authenticates to the external authentication server.
The external authentication server can be either ClearPass Policy Manager (for EAP-
PEAP) or RADIUS server (EAP-TLS).
2. Upon successful authentication, the associated AP caches the authentication credentials
of the connected clients for the configured duration. The cache expiry duration for
authentication survivability can be set within the range of 199 hours, with 24 hours being
the default cache timeout duration.
3. If the client roams or tries to reconnect to the AP and the remote link fails due to the
unavailability of the authentication server, the AP uses the cached credentials in the
internal authentication server to authenticate the user. However, if the client tries to
reconnect after the cache expiry, the authentication fails.
4. When the authentication server is available and if the client tries to reconnect, the AP
detects the availability of server and allows the client to authenticate to the server. Upon
successful authentication, the AP cache details are refreshed.
Enabling Authentication Survivability
You can enable authentication survivability for a wireless network profile through the UI or
the CLI.
In the SCALANCE W UI
To configure authentication survivability for a wireless network:
1. On the
Network
tab, click
New
to create a new network profile or select an existing profile
for which you want to enable authentication survivability and click
edit
.
2. In the
Edit <profile-name>
or the
New WLAN
window, ensure that all required WLAN and
VLAN attributes are defined, and then click
Next
.
3. On the
Security
tab, under
Enterprise
security settings, select an existing authentication
server or create a new server by clicking
New
.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Siemens SCALANCE W1750D UI and is the answer not in the manual?

Siemens SCALANCE W1750D UI Specifications

General IconGeneral
BrandSiemens
ModelSCALANCE W1750D UI
CategoryWireless Access Point
LanguageEnglish

Related product manuals