Manualshelf

Specifications

ManualsBrandsADTRAN ManualsComputer equipmentBlueSecure Controller
11121314151617181920
The BSC polls the BSAPs for the information displayed under Status>Active Connections>APs
based on the "Time in minutes between checking APs" setting under wireless>AP. By default
this is set to 10 minutes so the BSAPs will be polled every 10 minutes for this information.
Adjust to 1 minute.
I am setting up Internal 802.1x Authentication on the BSC. The BSC is configured to proxy
to RADIUS. Do I need to configure a RADIUS client in the RADIUS server for every single
access point or just the BSC?
With internal 802.1x both BSAPs and 3rd Party APs are configured to send RADIUS requests to
the BSC. The BSC is the RADIUS server and terminates EAP. The BSC then proxies inner
methods i.e. PAP, CHAP, MSCHAP, MSCHAPv2 to the external RADIUS server. All RADIUS
requests are sourced by the BSC's protected interface IP address and therefore you are not
required to configure a RADIUS client in the RADIUS server for every single AP. You only
need to configure a RADIUS client in the RADIUS server for the BSC with the protected
interface IP address or DNS name.
I am setting up Internal 802.1x authentication on the BSC. I want to authenticate directly
against Microsoft Active Directory so I do not have to install Microsoft's Radius
component (IAS or NPS). What is the LDAP Password Attribute Name for Microsoft
Active Directory?
Internal 802.1x can authenticate a user directly against an LDAP server if the LDAP server has a
readable attribute containing the MD4 hash of the users password. For example Open LDAP has
an "ntpassword" attribute that is readable and contains the MD4 hash of the user's password.
Microsoft Active Directory however does NOT have a readable attribute containing the MD4
hash of the user's password and therefore authenticating directly against MS AD is NOT
supported. Use IAS or NPS with MS AD.
I am setting up Transparent 802.1x Authentication on the BSC. Do I need to configure a
RADIUS client in the RADIUS server for every single access point or just the BSC?
With Transparent 802.1x both BSAPs and 3rd Party APs are configured to send RADIUS
requests to the RADIUS server. BSAPs however tunnel these requests in EtherIP (IP Protocol
97) to the BSC and the BSC then forwards them on to the RADIUS server. All RADIUS requests
from the BSAPs are sourced by the BSC's protected interface IP address and therefore you are
not required to configure a RADIUS client in the RADIUS server for every single BSAP. You
only need to configure a RADIUS client in the RADIUS server for the BSC with the protected