User guide

ManualsBrandsMotorola ManualsOther5440SM - Canopy 5.4 GHz Subscriber Module

451

452

453

454

455

456

457

458

459

460

Canopy System User Guide Configuring your RADIUS server for SM

configuration

pmp-0229 (Mar 2013)

451

Configuring your RADIUS servers for SM authentication

Your RADIUS server will need to be configured to use the

following:

• EAPTTLS or MSCHAPv2 as the Phase 1/Outer Identity

protocol.

• If Enable Realm is selected on the SM’s Configuration > Security tab, then the

same

Realm as appears there (or access to it).

• The same Phase 2 (Inner Identity) protocol as configured on the SM’s

Configuration

Security tab under Phase 2 options.

• The username and password for each SM configured on each SM’s

Configuration

Security

tab.

• An IP address and NAS shared secret that is the same as the IP address and Shared Secret

configured on the AP’s Configuration > Security tab for

that

RADIUS server.

• A server private certificate, server key, and CA certificate that complement

the

public

certificates distributed to the SMs, as well as the Canopy dictionary file

that

defines Vendor

Specific Attributes (VSAa). Default certificate files and

the

dictionary

file are available

from the software

site:

www.cambiumnetworks.com/support/pmp/software/ after entering

your

name,

email address, and either Customer Contract Number or the MAC address of

module covered under the 12 month

warranty.

Optionally, operators may configure the RADIUS server response messages (Accept or Reject) so

that the user has information as to why they have been rejected. The AP displays the RADIUS

Authentication Reply message strings in the Session Status list as part of each SM’s information.

The SM will show this string (listed as Authentication Response on the SM GUI )on the main

Status page in the Subscriber Module Stats section.

(Note: Aradial AAA servers only support operator-configurable Authentication Accept responses,

not Authentication Reject responses).

Configuring your RADIUS server for SM

configuration

Table 66 lists Canopy Vendor Specific Attributes (VSAs) along with VSA numbers and

other

details. The associated SM GUI page, tab, and parameter is listed to aid

cross-referencing

and

understanding of the

VSAs.