User's Manual

ManualsBrandsAccton Technology ManualsElectronicsHiveAP 20ag

Deployment Guide 123

EXAMPLE 7: DEFINING AAA RADIUS SETTINGS

EXAMPLE 7:DEFINING AAA RADIUS SETTINGS

In this example, you define the connection settings for a RADIUS server so that HiveAPs can send RADIUS

authentication requests to the proper destination.

After corporate employees associate with HiveAPs, they gain network access by authenticating themselves to a

RADIUS server. The authentication process makes use of the IEEE 802.1X standard. Within this context, wireless

clients act as supplicants, HiveAPs as authenticators, and the RADIUS server as the authentication server. The roles

of each participant, packet exchanges, and connection details for the RADIUS server are shown in Figure16.

Figure 16 IEEE 802.1X Authentication Process

1.Click Configuration > Authentication > AAA Client Settings > New > General, and then enter the following:

• RADIUS Name: RADIUS-Servers (You cannot use spaces in the RADIUS profile name.)

• Retry Interval: 1800 (Seconds)

Enter the period of time that a HiveAP waits before retrying a previously unresponsive primary RADIUS

server. If a primary RADIUS server does not respond to three consecutive attempts—where each attempt

consists of ten authentication requests sent every three seconds (30 seconds for a complete request)—and a

backup RADIUS server has been configured, the HiveAP sends further authentication requests to the backup

server. The default is 600 seconds (or 10 minutes). The minimum is 60 seconds and the maximum is

Note: You can define a HiveAP as a RADIUS server. A HiveAP RADIUS server only supports 802.1X authentication,

so you cannot use it to authenticate users through a captive web portal.

ß -«°°´·½¿²¬ ø©·®»´»-- ½´·»²¬÷ ³¿µ»- ¿²

¿--±½·¿¬·±² ©·¬¸ ¿² ¿«¬¸»²¬·½¿¬±® øØ·ª»ßÐ÷ò

Ì¸» ¿«¬¸»²¬·½¿¬±® ½¸»½µ- ¬¸» ÎßÜ×ËÍ ½±¼»

·²¼·½¿¬·²¹ ©¸»¬¸»® ¬¸» -«°°´·½¿²¬ ·- ¿½½»°¬»¼

±® ®»¶»½¬»¼ò ø×¬ ¿´-± ½¸»½µ- º±® ¿¬¬®·¾«¬»-

·²¼·½¿¬·²¹ ¬¸» «-»® ¹®±«° º±® ¬¸» -«°°´·½¿²¬÷ò

Ì¸» -«°°´·½¿²¬ ½¸»½µ- ¬¸» ÛßÐ ³»--¿¹»ò

Ì¸» ¿«¬¸»²¬·½¿¬±® ¿²¼ -«°°´·½¿²¬ »¨½¸¿²¹»

ÛßÐóÎ»¯«»-¬ñ×¼»²¬·¬§ ¿²¼ ÛßÐóÎ»-°±²-»ñ

×¼»²¬·¬§ ³»--¿¹»-ò

Í«°°´·½¿²¬

øÉ·®»´»-- Ý´·»²¬÷

ß«¬¸»²¬·½¿¬±®

øØ·ª»ßÐ÷

ß«¬¸»²¬·½¿¬·±² Í»®ª»®-

øÎßÜ×ËÍ Í»®ª»®-÷

¿ ÎßÜ×ËÍ ß½½»--óß½½»°¬ ±® ß½½»--óÎ»¶»½¬

³»--¿¹» ½±²¬¿·²·²¹ ¿² ÛßÐóÍ«½½»-- ±®

ÛßÐóÚ¿·´«®» ³»--¿¹»ò

Ì¸» ¿«¬¸»²¬·½¿¬±® -»²¼- ¬¸» ÛßÐóÎ»-°±²-»ñ

×¼»²¬·¬§ ³»--¿¹» ¿- ±²» ±® ³±®» ¿¬¬®·¾«¬»- ·²

¿ ÎßÜ×ËÍ ß½½»--óÎ»¯«»-¬ ³»--¿¹» ¬± ¬¸» ×Ð

¿¼¼®»-- ±º ¬¸» ÎßÜ×ËÍ ¿«¬¸»²¬·½¿¬·±² -»®ª»®ò

ìë

ò ò ò Ü»°»²¼·²¹ ±² ¬¸» ¿«¬¸»²¬·½¿¬·±² ³»¬¸±¼‰ÌÔÍô ÌÌÔÍô ÐÛßÐ‰³±®» »¨½¸¿²¹»- ³·¹¸¬ ¬¿µ» °´¿½» ¸»®» ò ò ò

Primary RADIUS Server

IP address: 10.1.1.15

Shared secret: J7ix2bbbLA

Authentication port: 1812

Server priority: First

Secondary RADIUS Server

IP address: 10.1.2.16

Shared secret: J8Dx2c13Mb

Authentication port: 1812

Server Priority: Second