User`s manual
33
to download the MAC ACL (Access Control List) file from the TFTP
server.
3. Specify the IP address of the TFTP server in the TFTP server IP
address text box.
4. Specify the name of the MAC ACL file on the TFTP server in the MAC
ACL file name text box.
5. Click <Download>.
3.6.3 IEEE 802.1x/RADIUS
IEEE 802.1x Port-Based Network Access Control is a new standard for
solving some security issues associated with IEEE 802.11, such as lack of
user-based authentication and dynamic encryption key distribution. With IEEE
802.1x and the help of a RADIUS (Remote Authentication Dial-In User
Service) server and a user account database, an enterprise or ISP (Internet
Service Provider) can manage its mobile users’ access to its wireless LANs.
Before granted access to a wireless LAN supporting IEEE 802.1x, a user has
to issue his or her user name and password or digital certificate to the
backend RADIUS server by EAPOL (Extensible Authentication Protocol Over
LAN). The RADIUS server can record accounting information such as when a
user logs on to the wireless LAN and logs off from the wireless LAN for
monitoring or billing purposes.
The IEEE 802.1x functionality of the access point is controlled by the security
mode. So far, the wireless access point supports two authentication
mechanisms—EAP-MD5 (Message Digest version 5), EAP-TLS (Transport
Layer Security). If EAP-MD5 is used, the user has to give username and
password for authentication. If EAP-TLS is used, the wireless client computer
automatically gives the user’s digital certificate that is stored in the computer
hard disk or a smart card for authentication. And after a successful EAP-TLS
authentication, a session key is automatically generated for wireless packets