D-Link AirPremier DWL-2210AP Manual page 138

Appendix A: Configuring Security Settings on Wireless Clients
Configuring IEEE 802.1x Security on a Client
IEEE 802.1x is the standard defining port-based authentication and infrastructure for
doing key management. Extensible Authentication Protocol (EAP) messages sent
over an IEEE 802.11 wireless network using a protocol called EAP Encapsulation
Over LANs (EAPOL). IEEE 802.1x provides dynamically-generated keys that are
periodically refreshed. An RC4 stream cipher is used to encrypt the frame body and
cyclic redundancy checking (CRC) of each 802.11 frame.
IEEE 802.1x Client Using EAP/PEAP
The Built-In Authentication Server on the D-Link DWL-2210AP uses Protected Extensible
Authentication Protocol (EAP) referred to here as "EAP/PEAP."
• If you are using the Built-in Authentication server with "IEEE 802.1x" security
mode on the D-Link DWL-2210AP, then you will need to set up wireless clients to
use PEAP.
• Additionally, you may have an external RADIUS server that uses EAP/PEAP. If
so, you will need to (1) add the D-Link DWL-2210AP to the list of RADIUS server
clients, and (2) configure your IEEE 802.1x wireless clients to use PEAP.
The following example assumes you are using the Built-in Authentication server that
comes with the D-Link DWL-2210AP. If you are setting up EAP/PEAP on a client of
an AP that is using an external RADIUS server, the client configuration process will
differ somewhat from this example especially with regard to certificate validation.
If you configured the D-Link DWL-2210AP to use IEEE 802.1x security mode . . .
. . . then configure IEEE 802.1x security with PEAP authentication on each client as
follows.
138 138