Black Box LWN600CM-1 Guia do Utilizador descarregar pdf (Página 114)

724-746-5500 | blackbox.com

Page114

724-746-5500 | blackbox.com

Chapter 9: Common Configuration Examples

When cleared, this setting allows access to authenticated users even when the Tunnel-Private-Group-ID attribute that the

RADIUS authentication server returns matches another user profile configured on the SmartPath AP but not specified for

this SSID. If you do not mind granting access to all valid user accounts on the RADIUS authentication server, disable this

option by clearing the checkbox. This is the default setting.

On the other hand, if you want to restrict access to authenticated users only when the RADIUS authentication server

returns attributes that match one of the specified user profiles for the SSID, enable this option by selecting the checkbox

and then specifying the action that you want to the SmartPath AP to take: ban the client for a period of time, ban it

indefinitely, or simply disconnect it. You might want to enable this if the RADIUS authentication server contains accounts

for users other than employees and IT staff—perhaps there are accounts for contractors and guests. Even though the

server would approve authentication requests from such users if they submitted a correct user name and password, you

might not want them to use this SSID to access the WLAN.

SSIDBroadcastBand:2.4GHz(11n/b/g)

 AssigninganSSIDtothe2.4-GHzradioinaccessmodeallowsSmartPathAPstousetheirsecondradio,whichoperates

at5GHz,forwirelessbackhaulcommunications.

Applying the RADIUS and SSID Settings to SmartPath APs

1. Click Configuration > WLAN Policies > (select the name of a WLAN policy that has already been applied to the SmartPath APs)

> Add/Remove SSID Profile, select corp-wifi in the Available SSID Profiles list, click the right arrow ( > ) to move it to the

Selected SSID Profiles list, click Apply to add the SSID to the WLAN policy, and then click Save to save the modified policy and

close its dialog box.

2. Click Monitor > Access Points > SmartPath APs > (checkboxes for the two SmartPath AP RADIUS authenticators) > Update >

Upload and Activate Configuration, enter the following, and then click Upload:

Upload and activate configuration: (select)

Upload and activate CWP pages and Server key: (clear)

Upload and activate certificate for RADIUS and VPN services: (clear)

Upload and activate employee, guests, and contractor credentials: (clear)

Check boxes for both SmartPath APs: (select)

Connecting Supplicants to the WLAN

The 802.1X authentication process is somewhat different depending on the operating system on which the RADIUS supplicant is

running and whether the client uses the user’s login credentials to authenticate itself on a domain. If the supplicant is on a PC

running Windows Vista

and is on a domain, and the RADIUS server is configured with domain authentication:

1. View the available SSIDs in the area, and select corp-wifi.

2. Click Connect.

Because most PC-based supplicants use their Windows login credentials to authenticate the client with the domain, the 802.1X

authentication process happens automatically.

NOTE: If the supplicant is on a PC running Windows XP, you must configure it to use PEAP for authentication. By default, a

Windows XP wireless client uses Smart Card or other Certificate instead of PEAP.

If the supplicant is Windows based and you are not on a domain:

1. Configure the SSID on your client as follows:

Network name (SSID): corp-wifi

Network authentication: WPA2

1 2 ... 109 110 111 112 113 114 115 116 117 118 119 ... 191 192

Comentários a estes Manuais

Sem comentários

Black Box LWN600CM-1 Guia do Utilizador Página 114

Comentários a estes Manuais