1. Manuals
  2. Brands
  3. SMC Networks Manuals
  4. Network Router
  5. 2585W-G FICHE
  6. User manual

Ieee 802.1X/Radius - SMC Networks 2585W-G User Manual

Eliteconnect 2.4ghz dual-radio 802.11g bridge
Hide thumbs Also See for 2585W-G:
Table of Contents

Advertisement

3.5.3. IEEE 802.1x/RADIUS

IEEE 802.1x Port-Based Network Access Control is a new standard for solving some secu-
rity issues associated with IEEE 802.11, such as lack of user-based authentication and dy-
namic encryption key distribution. With IEEE 802.1x, a RADIUS (Remote Authentication
Dial-In User Service) server, and a user account database, an enterprise or ISP (Internet
Service Provider) can manage its mobile users' access to its wireless LANs. Before granting
access to a wireless LAN supporting IEEE 802.1x, a user has to issue his or her user name
and password or digital certificate to the backend RADIUS server by EAPOL (Extensible
Authentication Protocol Over LAN). The RADIUS server can record accounting information
such as when a user logs on to the wireless LAN and logs off from the wireless LAN for
monitoring or billing purposes.
The IEEE 802.1x functionality of the access point is controlled by the security mode (see
Section 3.5.2.1). So far, the wireless access point supports two authentication mecha-
nisms—EAP-MD5 (Message Digest version 5), EAP-TLS (Transport Layer Security). If
EAP-MD5 is used, the user has to give his or her user name and password for authentica-
tion. If EAP-TLS is used, the wireless client computer automatically gives the user's digital
certificate that is stored in the computer hard disk or a smart card for authentication. And af-
ter a successful EAP-TLS authentication, a session key is automatically generated for wire-
less packets encryption between the wireless client computer and its associated wireless
access point. To sum up, EAP-MD5 supports only user authentication, while EAP-TLS sup-
ports user authentication as well as dynamic encryption key distribution.
Fig. 49. IEEE 802.1x and RADIUS.
SMC2585W-G supports IEEE 802.1x and can be configured to communicate with two RA-
DIUS servers. When the primary RADIUS server fails to respond, SMC2585W-G will try to
communicate with the secondary RADIUS server. You can specify the length of timeout and
the number of retries before communicating with the secondary RADIUS server after failing
to communicate with the primary RADIUS server.
An IEEE 802.1x-capable wireless access point and its RADIUS server(s) share a secret key
36

Advertisement

Table of Contents
loading

Related Manuals for SMC Networks 2585W-G

Related Content for SMC Networks 2585W-G

This manual is also suitable for:

Smc2585w-g

Table of Contents