Specifications
6-11
Configuring the AP for Authentication
5. Choose Save.
Configuring the AP for Authentication
Before you can configure the AP as a RADIUS client, you must choose the type of
authentication to use: MAC address, 802.1X, or both. Also, you need to have the following
RADIUS server information available:
• Primary Server IP Address: IP Address of the primary RADIUS authentication
server. The IP Address must be an IP Version 4 address.
• Secondary Server IP Address: IP Address of the secondary RADIUS authentication
server, if used. The IP Address must be an IP Version 4 address. If you are not using a
secondary RADIUS server (as a backup server), enter 0.0.0.0 or leave it blank.
• Primary Authentication Port: A value between 1 and 65535. Standard values are
1812 (default) and 1645. This value must match the primary RADIUS server
configuration.
• Secondary Authentication Port: A value between 1 and 65535. Standard values are
1812 (default) and 1645. This value must match the secondary RADIUS server
configuration, if used.
• Shared Secret: The text string that ensures that the data exchanged between the server
and the AP is valid. The shared secret must match the corresponding entry for the AP
in the RADIUS server database.
• Retry Limit: Valid range is 0 to 20 times. Default is 5.
• Retry Timer: Number of seconds between retries. Valid range is 2 to 10 seconds.
Default is 5 seconds.
If using MAC address or hybrid authentication, you must provide the MAC address of your
wireless client (PC) to the Network Administrator.
NOTE: If you use the AP Manager after you set the Authenticator in
the console, you must set the AP RADIUS Management Authenticator
to match the Authenticator you set in the console.
NOTE: User names (MAC addresses) are case-sensitive (lower-case),
and in the format: 00-e0-63-ab-ce-ef
If possible, configure the RADIUS server to authenticate the user without
checking a password. Otherwise, use a password of “NOPASSWORD”
for all of the MAC address based user names.