hit counter script

Radius Configuration; Operation Of Device Authentication; Operation Of User Authentication - GE MDS iNET Series Reference Manual

Wireless ip/ethernet transceiver
Hide thumbs Also See for MDS iNET Series:
Table of Contents

Advertisement

2.7.3 RADIUS Configuration

This section covers the authentication settings needed for the iNET radios to access the RADIUS server,
which is used for Device Level Security and for Wireless Access Security. GE MDS does not provide the
RADIUS server software.

Operation of Device Authentication

Device authentication forces the radio to authenticate before allowing user traffic to traverse the wireless
network. When
Device Security
radios need three types of certificates: public (client), private, and root (Certificate Authority). These files
are unique to each Remote radio and need to first be created at the server and then installed into each unit
via TFTP. The certificate files must be in DER format.
Device authentication uses the serial number of each radio as the Common Name (CN) in its certificate and
in its RADIUS identity field. Each Access Point and Remote radio must be identified/recognized by the
RADIUS Server through the Common Name (Serial number) and IP address entries.
NOTE:
Consult your RADIUS network administrator for assistance in configuration, or for help with
other issues that may arise.
To activate device authentication, select
behavior of this setting differs depending on whether it is implemented on an Access Point or a Remote
transceiver. An explanation of these behaviors is given below:
Access Point: When
Device Auth Method
and waits for the RADIUS Server to Authenticate the Remotes before allowing data to be passed from them.
When approval is received from the RADIUS Server, data from the Remote is allowed to pass.
Remote: When
Device Auth Method
Authentication from the RADIUS Server. If accepted, data is allowed to be transmitted. The Access Point
that the Remote connects to must have a valid RADIUS configuration and connection to the configured
RADIUS server.

Operation of User Authentication

When user authentication is set to
being allowed to manage the radio. In
In
mode the user name is
Local
When set to
, all logins to the local configuration services are required to be authenticated via the
RADIUS
RADIUS Server, including telnet and SSH (Secure Shell) sessions. Authentication must be accepted before
access to the radio menu is granted.
05-2806A01, Rev. L
is configured to use IEEE 802.1X as the authentication method, Remote
Device Auth Method
is set to
IEEE 802.1X
is set to
, the Remote halts any data it is passing, and requests
IEEE 802.1X
or
, you must enter a valid user name and password before
Local
RADIUS
mode both of these fields may be up to 40 characters long.
RADIUS
and the password may be up to 8 characters long.
iNET
MDS iNET Series Reference Manual
and set
as the active mode. The
IEEE 802.1X
, the AP disassociates all associated Remotes
67

Advertisement

Table of Contents
loading

This manual is also suitable for:

Mds inet-ii 900Mds inet 900

Table of Contents