Specifications
Introduction
Altitude 3500 Series Access Point Product Reference Guide
28
For detailed information on configuring the access point for additional LAN subnet support, see
“Configuring the LAN Interface” on page 113.
On-board RADIUS Server Authentication
The access point has the ability to work as a RADIUS Server to provide user database information and
user authentication. Several new screens have been added to the access point’s menu tree to configure
RADIUS server authentication and configure the local user database and access policies. A new
RADIUS Server screen allows an administrator to define the data source, authentication type and
associate digital certificates with the authentication scheme. The LDAP screen allows the administrator
to configure an external LDAP Server for use with the access point. A new Access Policy screen enables
the administrator to set WLAN access based on user groups defined within the User Database screen.
Each user is authorized based on the access policies applicable to that user. Access policies allow an
administrator to control access to a user groups based on the WLAN configurations.
For detailed information on configuring the access point for AAA RADIUS Server support, see
“Configuring User Authentication” on page 217.
Hotspot Support
The access point allows hotspot operators to provide user authentication and accounting without a
special client application. The access point uses a traditional Internet browser as a secure authentication
device. Rather than rely on built-in 802.11 security features to control access point association privileges,
you can configure a WLAN with no WEP (an open network). The access point issues an IP address to
the user using a DHCP server, authenticates the user and grants the user to access the Internet.
If a tourist visits a public hotspot and wants to browse a Web page, they boot their laptop and associate
with a local Wi-Fi network by entering a valid SSID. They start a browser, and the hotspot’s access
controller forces the un-authenticated user to a Welcome page (from the hotspot operator) that allows
the user to login with a username and password. In order to send a redirected page (a login page), a
TCP termination exists locally on the access point. Once the login page displays, the user enters their
credentials. The access point connects to the RADIUS server and determines the identity of the
connected wireless user. Thus, allowing the user to access the Internet once successfully authenticated.
For detailed information on configuring the access point for Hotspot support, see “Configuring WLAN
Hotspot Support” on page 146.
Routing Information Protocol (RIP)
RIP is an interior gateway protocol that specifies how routers exchange routing-table information. The
parent Router screen also allows the administrator to select the type of RIP and the type of RIP
authentication used.
For detailed information on configuring RIP functionality as part of the access point’s Router
functionality, see “Setting the RIP Configuration” on page 165.
Manual Date and Time Settings
As an alternative to defining a NTP server to provide access point system time, the access point can
now have its date and time set manually. A new Manual Date/Time Setting screen can be used to set
the time using a Year-Month-Day HH:MM:SS format.