Table of Contents
Advertisement
Chapter 11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Configuration parameters - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Chapter 11
Authentication method
Choose the default authentication method the CN3000 will use when exchanging
authentication packets with the primary/secondary RADIUS server defined for this
profile.
For 802.1x users, the authentication method is always determined by the 802.1x client
software and is not controlled by this setting.
If traffic between the CN3000 and the RADIUS server is not protected by a VPN, it is
recommended that you use either EAP-MD5 or MSCHAP V2, if supported by your
RADIUS Server. (PAP, MSCHAP V1 and CHAP are less secure protocols.)
NAS Id
Specify the network access server ID you want to use for the CN3000. By default, the
serial number of the CN3000 is used. The CN3000 includes the NAS-ID attribute in all
packets that it sends to the RADIUS server.
Always try primary server first
Set this option to force the CN3000 to contact the primary server first.
Otherwise, the CN3000 sends the first RADIUS access request to the last known
RADIUS server that replied to any previous RADIUS access request. If the request
times out, the next request is sent to the other RADIUS server if defined.
For example, assume that the primary RADIUS server was not reachable and that the
secondary server responded to the last RADIUS access request. When a new
authentication request is received, the CN3000 sends the first RADIUS access request
to the secondary RADIUS server.
If it does not reply, the RADIUS access request is retransmitted to the primary RADIUS
server. The CN3000 always alternates between the two servers, when configured.
Server address
Primary RADIUS
Specify the IP address of the RADIUS server.
server
Secret/Confirm secret
Specify the secret (password) that CN3000 will use when communicating with the
RADIUS server. The shared secret is used to authenticate all packets exchanged with
the server to prove that they originate from a valid/trusted source.
Secondary
Server address
Specify the IP address of the RADIUS server.
RADIUS server
Secret/Confirm secret
Specify the secret (password) that CN3000 will use when communicating with the
RADIUS server. The shared secret is used to authenticate all packets exchanged with
the server to prove that they originate from a valid/trusted source.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 252 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- Quick Links:
- Introduction
- Wireless Radio
- Logging in
- Reset Button
Hide quick links:
Advertisement
Table of Contents
