Table of Contents
Advertisement
E
6: S
XAMPLE
ETTING
In this example, you define the connection settings for a RADIUS server so that HiveAPs can send RADIUS
authentication requests—encapsulated in EAP (Extensible Authentication Protocol) packets—to the proper
destination.
After corporate employees associate with HiveAPs, they gain network access by authenticating themselves to a
RADIUS server. The authentication process makes use of the IEEE 802.1X standard. Within this context, wireless
clients act as supplicants, HiveAPs as authenticators, and the RADIUS server as the authentication server. The roles
of each participant, packet exchanges, and connection details for the RADIUS server are shown in
Figure 11 IEEE 802.1X Authentication Process
1. Click HiveAP Configuration > AAA RADIUS >
The New RADIUS Profile dialog box appears.
2. Enter the following:
•
RADIUS Configuration Name: auth-1 (You cannot use spaces in the RADIUS profile name.)
•
Comment: 802.1X for corp employees
•
Retry Interval: 6000 (Seconds)
Enter the period of time that a HiveAP waits before retrying a previously unresponsive primary RADIUS
server. If a primary RADIUS server does not respond to three consecutive attempts—where each attempt
consists of ten authentication requests sent every three seconds (30 seconds for a complete request)—and a
backup RADIUS server has been configured, the HiveAP sends further authentication requests to the backup
Deployment Guide
AAA RADIUS S
Primary RADIUS server
IP address: 10.1.1.15
Shared secret: J7ix2bbbLA
Authentication port: 1812
Accounting port: 1813
Server priority: First
(Add button).
ETTINGS
Secondary RADIUS Server
IP address: 10.1.2.16
Shared secret: J8Dx2c13Mb
Authentication port: 1812
Accounting port: 1813
Priority: Second
Figure
11.
55
Advertisement
Table of Contents
