Wireless Authentication; Out-Of-Box Operation; Generate X.509 Certificate And Key Files; Load Wireless X.509 Certificates And Keys - Redline RDL-3000 SC User Manual

Rdl-3000 family broadband wireless radio platforms

Hide thumbs Also See for RDL-3000 SC:

User manual (143 pages)

Installation manuallines (65 pages)

Configuration instructions (9 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

Table of Contents

RDL-3000 FAMILY

Important Security Guidelines:

1. Store encryption keys and certificate information in a secure location.

2. Always use secure transfer (e.g., SSH or SSL) when working with encryption keys

and certificates.

3. It is recommended to use the RDL-3000 local Ethernet port to transfer encryption

keys and certificates, or sftp if loading certificates or keys across an open network.

6.2 Wireless Authentication

Wireless authentication is a standard feature on all RDL-3000 systems.

Out-of-Box Operation

Wireless authentication is not supported out of box. Each RDL-3000 system to use

wireless authentication must meet the following requirements:

1. The operator must generate and load X.509 certificate and key files

2. The wireless certificate and key files must be loaded into the user (usr) table. The

files can only be loaded using the CLI interface (Telnet or SSH). Reboot the RDL-

3000 to activate the certificate and key.

3. Configure and activate authentication services.

Generate X.509 Certificate and Key Files

Use a commercially available tool to create the required X.509 certificates and keys. The

filenames used must comply with the following requirements:

usr_wacert_<mac>.der X.509 Certificate Authority: The root CA X.509 certificate for the

usr_wcert_<mac>.der

usr_wkey_<mac>.der

Load Wireless X.509 Certificates and Keys

Use the following steps to setup wireless authentication:

1. Copy the certificate and key files to the default directory of a TFTP server.

2. Use the CLI command 'load' to copy the certificate and key files from the TFTP

server to the RDL-3000.

3. Use the CLI command 'show files usr' to verify the files have been successfully

loaded.

4. Reboot the RDL-3000 to activate changes.

Enabling Authentication

The wireless X.509 certificate and key files must be loaded into the usr table and the

RDL-3000 rebooted to activate the new keys before wireless authentication can be

enabled. Use one of the following methods to enable authentication:

CLI:

Web:

Note: Save the configuration to activate changes.

70-00158-01-08

USER MANUAL

product. The same certificate is used for all units.

X.509 Certificate: The unit X.509 certificate that has been signed by

the CA. This certificate includes the unit's public key.

Private Key: This certificate includes the unit's private key. The

private key must be kept secret and not shared with anyone. The

data used to create the keys should also be stored in a secure area.

set x509auth on

Configuration screen -> Wireless Security Configuration:

X.509 Authentication Enable

Page

136

of 150

December 7, 2011

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

This manual is also suitable for:

Rdl-3000 su Rdl-3000 m Enterprise

Wireless Authentication; Out-Of-Box Operation; Generate X.509 Certificate And Key Files; Load Wireless X.509 Certificates And Keys - Redline RDL-3000 SC User Manual

6.2 Wireless Authentication

Out-of-Box Operation

Generate X.509 Certificate and Key Files

Load Wireless X.509 Certificates and Keys

Enabling Authentication

Hide quick links:

Related Manuals for Redline RDL-3000 SC

Related Products for Redline RDL-3000 SC

This manual is also suitable for:

Table of Contents