User guide

ManualsBrandsEnterasys ManualsComputer equipment802.11

RADIUS Authentication

Enterasys Wireless Standalone 802.11n AP User Guide 2-5

•MUstatistichistory

•Pre‐a

uthentication

AclusterformswhenAPsoperatingwithi

nthesamesubnetareconfiguredwiththesamecluster

ID(sharedsecret).AclusterAPcanexistatanypointinyournetwork.Eachclustermember

periodically(30seconds)sendsasecureSIAPPmulticastmessagetoupdateothercluster

members.TheSIAPPmessageincludes:

•TheAPNa

•TheAPEthernetMA

Caddress

•TheAPIPaddress

•Theclientcount

•ThebaseBSSIDsforbothradios

EachAPcach

eslocallyinformationaboutotherclustermembersandmaintainsitsownviewof

thecluster.Formoreinformationaboutconfiguringacluster,see“Configur

ingGeneralLAN

Settings”onpage4‐2.

RADIUS Authentication

RemoteAuthenticationDial‐inUserService(RADIUS)isanauthenticationprotocolthatuses

softwarerunningonacentralservertocontrolaccesstoRADIUS‐awaredevicesonthenetwork.

Anauthenticationservercontainsadatabaseofusercredentialsforeachuserthatrequiresaccess

tothenetwork.

Youmustspeci

fyaprimaryRADIUSserverfortheAPtoimplementIEEE802.1x networkaccess

controlandWi‐FiProtectedAccess(WPA)wirelesssecurity.Youcanalsospecifyasecondary

RADIUSserverasabackup shouldtheprimaryserverfailorbecomeinaccessible.

Inaddition,theco

nfiguredRADIUSservercanalsoactasaRADIUSaccountingserverand

receiveuser‐sessionaccountinginformationfromtheaccesspoint.RADIUSaccountingcanbe

usedtoprovidevaluableinformationonuseractivityinthenetwork.

Notes: This guide assumes that you already configured RADIUS server(s) to support the access

point. Configuration of RADIUS server software is beyond the scope of this guide. Refer to the

documentation provided with the RADIUS server software.

If you are using RADIUS, it is highly recommended that you assign the AP a static IP address to

ensure that the address doesn’t change via DHCP.

ForinformationaboutRADIUSconfiguration,see“ConfiguringRADIUSAuthentication”on

page4‐10.

About Network Security

TheAPprovidesfeaturesandfunctionalitytocontrolnetworkaccess.Thesearebasedon

standardwirelessnetworksecuritypractices.Currentwirelessnetworksecuritymethodsprovide

adegreeofprotection.ThesemethodsincludeanopensystemthatreliesonSSIDs.

TheAPsuppo

rtsthefollowingencryptionapproaches:

•WiredEquiv

alentPrivacy(WEP)–Asecurityprotocolforwirelesslocalareanetworks

definedintheIEEE802.11bstandardthatprovidesstatickeymanagement,andWEP64‐bit,

128‐bit,and152‐bitciphers.