Manualshelf

Specifications

ManualsBrandsMotorola ManualsComputer equipmentWS2000 - Wireless Switch - Network Management Device
81828384858687888990
Wireless Configuration 5-9
3. The administrator is required to specify the RADIUS Server Address of a primary RADIUS server for
this type of authentication to work. Providing the IP address of a secondary server is optional. The
secondary server acts as a failover server if the switch cannot successfully contact the primary server.
4. Specify the port on which the primary RADIUS server is listening in the RADIUS Port field. Optionally,
specify the port of a secondary (failover) server. Older RADIUS servers listen on ports 1645 and 1646.
Newer servers listen on ports 1812 and 1813. Port 1645 or 1812 is used for authentication. Port 1646 or
1813 is used for accounting. The ISP or a network administrator can confirm the appropriate primary and
secondary port numbers.
5. The administrator can specify a RADIUS Shared Secret for authentication on the primary RADIUS
server. Shared secrets are used to verify that RADIUS messages (with the exception of the Access-
Request message) are sent by a RADIUS-enabled device that is configured with the same shared secret.
The shared secret is a case-sensitive string that can include letters, numbers, or symbols. Make the
shared secret at least 22 characters long to protect the RADIUS server from brute-force attacks.
6. To use the local RADIUS server as the primary server, click the Use Local Radius button.
7. Specify the interface to bind the RADIUS client to. Select the interface to bind the RADIUS client from
the drop down list under each authentication server. With this feature, it is now possible to authenticate
a wireless (802.1x authentication) user with a RADIUS server through a VPN tunnel.
If the RADIUS server is on a network accessible through a VPN tunnel, then the tunnel must be
configured. The bind interface should be the same as the Local Subnet configured for the VPN tunnel.
Reauthentication Settings
8. Check the Enable Reauthentication check box to enable this authentication method.
9. In the Period field, set the EAP reauthentication period to match the appropriate level of security. A
shorter time interval (~30 seconds or longer) provides tighter security on this WLAN’s wireless
connections. A longer interval (5000-9999 seconds) relaxes security on wireless connections. The
reauthentication period setting does not affect a wireless connection’s throughput. The engaged Access
Port continues to forward traffic during the reauthentication process.