Manualshelf

Specifications

ManualsBrandsMotorola ManualsComputer equipmentWS2000 - Wireless Switch - Network Management Device
81828384858687888990
5-10 WS2000 Wireless Switch System Reference Guide
10.In the Max. Retries field, set the maximum number of retries for a client to successfully reauthenticate
after failing to complete the EAP process. If the mobile unit fails the authentication process in specified
number of retries, the switch will terminate the connection to the mobile unit.
Advanced Settings
11.The MU Quiet Period field allows the administrator to specify the idle time (in seconds) between a
mobile unit’s authentication attempts, as required by the server.
12.The MU Timeout field allows the administrator to specify the time (in seconds) for the mobile unit’s
retransmission of EAP-Request packets.
13.The MU Tx Period field allows the administrator to specify the time period (in seconds) for the server’s
retransmission of the EAP-Request/Identity frame.
14.The MU Max Retries field allows the administrator to set the maximum number of times for the mobile
unit to retransmit an EAP-Request frame to the server before it times out the authentication session.
Note that this is a different value from the Max Retry field at the top of the window.
15.The Server Timeout field indicates the maximum time (in seconds) that the switch will wait for the
server’s transmission of EAP Transmit packets.
16.The Server Max Retries field allows the administrator to set the maximum number of times for the
server to retransmit an EAP-Request frame to the client before it times out the authentication session.
Note that this is a different value from the Max. Retries field at the top of the window.
NOTE: When changing the Server Max Retries setting to anything other than the default value, there is
a known bug that can cause RADIUS authentication to fail.
RADIUS Client Accounting and Syslog Setup
17.Use the Enable Accounting check box to enable saving the RADIUS logs on the device’s Compact Flash
(CF) card.
18.If accounting is enabled, enter the maximum amount of time a client will wait for an acknowledgement
from the RADIUS accounting server before resending the accounting packet in the MU Timeout field. In
the Retries field, enter the maximum number of times for the client will resend the accounting packet to
the RADIUS accounting server before giving up.
19.To enable 802.1x EAP message logging to an external Syslog server, check the Enable Syslog box and
then specify the IP address of the syslog server in the Syslog Server IP field.
20.Click the Ok button to save changes.
5.3.3 Configuring Kerberos Authentication
Kerberos provides a strong authentication method for client/server applications by using secret-key
cryptography. Using this protocol, a client can prove their identity to a server (and vice versa) across an
insecure network connection. After a client and server use Kerberos to prove their identity, they can encrypt
all communications to assure privacy and data integrity.
1. Select the Kerberos radio button to enable Kerberos authentication.
2. Click the Kerberos Configuration button to display a sub-screen for authentication settings.