User`s manual
34
encryption between the wireless client computer and its associated wireless
access point. To sum up, EAP-MD5 supports only user authentication, while
EAP-TLS supports user authentication as well as dynamic encryption key
distribution.
An access point supporting IEEE 802.1x can be configured to communicate
with two RADIUS servers. When the primary RADIUS server fails to respond,
the wireless access point will try to communicate with the secondary RADIUS
server. Users can specify the length of timeout and the number of retries
before communicating with the secondary RADIUS server after failing to
communicate with the primary RADIUS server.
An IEEE 802.1x-capable wireless access point and its RADIUS server(s)
share a secret key so that they can authenticate each other. In addition to its
IP address, a wireless access point can identify itself by an NAS (Network
Access Server) identifier. Each IEEE 802.1x-capable wireless access point
must have a unique NAS identifier.