Concept Guide

ManualsBrandsDell ManualsAccess PlatformsW-Series 207 Access Points

161

162

163

164

165

166

167

168

169

170

l For EAP-TLS authentication, ensure that the server and CAcertificates from the authentication servers are

uploaded on the W-IAP. For more information, see Uploading Certificates on page 175.

In the CLI

To configure authentication survivability for a wireless network:

(Instant AP)(config)# wlan ssid-profile <name>

(Instant AP)(SSID Profile <name>)# type {<Employee>|<Voice>|<Guest>}

(Instant AP)(SSID Profile <name>)# auth-server <server-name1>

(Instant AP)(SSID Profile <name>)# auth-survivability

(Instant AP)(SSID Profile <name>)# exit

(Instant AP)(config)# auth-survivability cache-time-out <hours>

(Instant AP)(config)# end

(Instant AP)# commit apply

To view the cache expiry duration:

(Instant AP)# show auth-survivability time-out

To view the information cached by the W-IAP:

(Instant AP)# show auth-survivability cached-info

To view logs for debugging:

(Instant AP)# show auth-survivability debug-log

Configuring 802.1X Authentication for a Network Profile

This section consists of the following procedures:

l Configuring 802.1X Authentication for Wireless Network Profiles on page 163

l Configuring 802.1X Authentication for Wired Profiles on page 164

The Instant network supports internal RADIUS server and external RADIUS server for 802.1X authentication.

The steps involved in 802.1X authentication are as follows:

1. The NAS requests authentication credentials from a wireless client.

2. The wireless client sends authentication credentials to the NAS.

3. The NAS sends these credentials to a RADIUS server.

4. The RADIUS server checks the user identity and authenticates the client if the user details are available in its

database. The RADIUS server sends an Access-Accept message to the NAS. If the RADIUS server cannot

identify the user, it stops the authentication process and sends an Access-Reject message to the NAS. The

NAS forwards this message to the client and the client must re-authenticate with appropriate credentials.

5. After the client is authenticated, the RADIUS server forwards the encryption key to the NAS. The encryption

key is used for encrypting or decrypting traffic sent to and from the client.

The NAS acts as a gateway to guard access to a protected resource. A client connecting to the wireless network

first connects to the NAS.

Configuring 802.1X Authentication for Wireless Network Profiles

You can configure 802.1X authentication for a wireless network profile in the Instant UI or the CLI.

In the Instant UI

To enable 802.1X authentication for a wireless network:

1. On the Network tab, click New to create a new network profile or select an existing profile for which you

want to enable 802.1X authentication and click edit.

Dell Networking W-Series Instant 6.5.1.0-4.3.1.0 | User Guide Authentication and User Management | 163