Datasheet

ManualsBrandsZebra Manualscircuit protectionML-1499-LAK1-01R

171

172

173

174

175

176

177

178

179

180

Configuring Access Point Security

6-13

6. Select the Advanced Settings tab as required to specify a MU quiet period, timeout

interval, transmit period, and retry period for MUs and the authentication server.

Radius Server

Address

Specify the numerical (non-DNS) IP address of a primary Remote

Dial-In User Service (RADIUS) server. Optionally, specify the IP

address of a secondary server. The secondary server acts as a

failover server if the primary server cannot be contacted. An ISP or

a network administrator provides these addresses.

RADIUS is a client/server protocol and software enabling remote-

access clients to communicate with a server used to authenticate

users and authorize access to the requested system or service.

RADIUS Port Specify the port on which the primary RADIUS server is listening.

Optionally, specify the port of a secondary (failover) server. Older

RADIUS servers listen on ports 1645 and 1646. Newer servers

listen on ports 1812 and 1813. Port 1645 or 1812 is used for

authentication. Port 1646 or 1813 is used for accounting. The ISP or

a network administrator needs to confirm the appropriate primary

and secondary port numbers for authentication.

RADIUS Shared

Secret

Specify a shared secret for authentication on the primary RADIUS

server. The shared secret is required to match the shared secret on

the Radius server. Optionally, specify a shared secret for a

secondary (failover) server. Use shared secrets to verify RADIUS

messages (with the exception of the Access-Request message)

sent by a RADIUS-enabled device configured with the same shared

secret.

Apply the qualifications of a well-chosen password to the

generation of a shared secret. Generate a random, case-sensitive

string using letters, numbers and symbols. Verify the shared secret

is at least 22 characters to protect the RADIUS server from brute-

force attacks. An example of a strong and secure shared secret is:

8d#>9fq4bV)H7%a3-zE13sW.

MU Quiet Period

(1-65535) secs

Specify an idle time (in seconds) between MU authentication

attempts, as required by the authentication server. The default is

10 seconds.

MU Timeout

(1-255) secs

Define the time (in seconds) for the AP-5131’s retransmission of

EAP-Request packets. The default is 10 seconds.