User's Manual
GSM/802.11b RadioFrame System Method of Procedure
Connecting to the Customer LAN
RadioFrame Networks, Inc.
WPA offers strong user authentication through 802.1X and the Extensible Authentication
Protocol (EAP). EAP uses a RADIUS server to authenticate each user on the network
before they join it, and also employs "mutual authentication" so that the wireless user
does not accidentally join a rogue network that might steal its network credentials. If the
network is not using a RADIUS server or EAP, WPA may use a Pre-Shared Key (PSK).
With PSK, the client and access point use the same key to establish an association.
Once this key is verified, WPA then encrypts frames using TKIP to provide improved
security.
The RadioFrame System can also be configured to use 802.1X for authentication and key
management if TKIP is not supported by the WLAN clients. In this scenario, 802.1X is still
used for authentication; however, WEP is used for data encryption.
When an unauthenticated supplicant (wireless client) attempts to connect to an
authenticator (the iRAP), the iRAP responds by enabling a port for passing only EAP
packets from the client to the RADIUS server connected to the RFS. These EAP packets
are encrypted using a unique session key. The iRAP blocks all other traffic until the
RADIUS server indicates it has verified the client's identity. The iRAP then opens the
client's port for other types of traffic. The iRAP may then use the session key to derive a
unique WEP key for encrypting data between the client and the iRAP. These keys are
passed to the client in an EAP key message.
If your network includes a RADIUS (Remote Authentication Dial-In User Service) server
for authentication, you can also enable accounting on the RFS to send network
accounting information about wireless client devices to the RADIUS server.
Accounting information includes statistics about the data transmitted and received by the
iRAP, including account session ID, user name, client IP address, bytes received,
number of packets, and a timestamp. Enable accounting on the iRAPs to send network
accounting information about wireless client devices to a RADIUS server on your
network. (See the RADIUS server documentation for instructions on retrieving accounting
data.)
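The following Python example is added here for illustration and is not RadioFrame code. It shows how a collector on the RADIUS side can verify and decode an Accounting-Request carrying the fields listed above. It assumes the standard RADIUS attribute numbers; the manual does not state which attributes the RFS sends, and the shared secret, user name and addresses are constructed sample values.

```python
import hashlib
import hmac
import struct

ACCOUNTING_REQUEST = 4  # RADIUS packet code (RFC 2866)
# Assumed mapping: standard attribute numbers for the fields the manual lists.
ATTRS = {1: ("User-Name", "text"), 8: ("Framed-IP-Address", "ip"),
         40: ("Acct-Status-Type", "int"), 42: ("Acct-Input-Octets", "int"),
         44: ("Acct-Session-Id", "text"), 47: ("Acct-Input-Packets", "int"),
         55: ("Event-Timestamp", "int")}

def request_authenticator(packet, secret):
    # MD5(Code + Identifier + Length + 16 zero octets + attributes + secret)
    return hashlib.md5(packet[:4] + bytes(16) + packet[20:] + secret).digest()

def build_request(ident, attrs, secret):
    """Build a constructed Accounting-Request (used only for the sample)."""
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)
    head = struct.pack("!BBH", ACCOUNTING_REQUEST, ident, 20 + len(body))
    return head + request_authenticator(head + bytes(16) + body, secret) + body

def parse_accounting(packet, secret):
    """Verify and decode one Accounting-Request; ValueError if rejected."""
    length = int.from_bytes(packet[2:4], "big")
    if packet[:1] != bytes([ACCOUNTING_REQUEST]) or not 20 <= length <= len(packet):
        raise ValueError("not a well-formed Accounting-Request")
    packet = packet[:length]  # octets past Length are padding
    if not hmac.compare_digest(request_authenticator(packet, secret), packet[4:20]):
        raise ValueError("bad Request Authenticator: wrong secret or altered packet")
    record, pos = {}, 20
    while pos < length:
        if length - pos < 2 or not 2 <= packet[pos + 1] <= length - pos:
            raise ValueError("malformed attribute")
        alen = packet[pos + 1]
        value = packet[pos + 2:pos + alen]
        name, kind = ATTRS.get(packet[pos], (None, None))
        if kind == "text":
            record[name] = value.decode("utf-8", "replace")
        elif kind == "int" and alen == 6:
            record[name] = int.from_bytes(value, "big")
        elif kind == "ip" and alen == 6:
            record[name] = ".".join(str(octet) for octet in value)
        pos += alen
    return record

SECRET = b"constructed-shared-secret"  # constructed value, not a real secret
SAMPLE = build_request(7, [  # constructed packet for a hypothetical client
    (40, struct.pack("!I", 2)), (44, b"0000002A"), (1, b"alice"),
    (8, bytes([192, 0, 2, 10])), (42, struct.pack("!I", 123456)),
    (47, struct.pack("!I", 789)), (55, struct.pack("!I", 1700000000))], SECRET)
```

A record that fails the Request Authenticator check should be dropped and logged rather than stored, since it was either sent with a different shared secret or changed in transit.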
1. Start System Manager and log in to the RFS.
2. Select the System Configuration tab.
3. Select the 802.11 Global Configuration link under Other Configure Options.
   The 802.11 Global Configuration page appears.