Table of Contents
Advertisement
Configuring Access Point Security
Radius Port
Radius Shared
Secret
7 Select the Accounting tab as required to define a timeout period and retry interval Syslog for MUs
interoperating with the access point and EAP authentication server. The items within this tab could
be enabled or disabled depending on whether Internal or External has been selected from the
RADIUS Server drop-down menu.
External Radius
Server Address
External Radius
Port
External Radius
Shared Secret
MU Timeout
Retries
Enable Syslog
Syslog Server IP
Address
8 Select the Reauthentication tab as required to define authentication connection policies, intervals and
maximum retries. The items within this tab are identical regardless of whether Internal or External is
selected from the RADIUS Server drop-down menu.
206
If using an External Radius Server, specify the port on
which the primary Radius server is listening. Optionally,
specify the port of a secondary (failover) server. Older
Radius servers listen on ports 1645 and 1646. Newer
servers listen on ports 1812 and 1813. Port 1645 or 1812
is used for authentication. Port 1646 or 1813 is used for
accounting. The ISP or a network administrator needs to
confirm the appropriate primary and secondary port
numbers for authentication. This setting is not available if
Internal has been selected from the Radius Server drop-
down menu.
Specify a shared secret for authentication on the Internal
or Primary RADIUS server (External RADIUS Server only).
The shared secret is required to match the shared secret
on the RADIUS server. Optionally, specify a shared secret
for a secondary (failover) server. Use shared secrets to
verify RADIUS messages (with the exception of the
Access-Request message) sent by a RADIUS enabled
device configured with the same shared secret.
Apply the qualifications of a well-chosen password to the
generation of a shared secret. Generate a random, case-
sensitive string using letters and numbers. Verify the
shared secret is at least 22 characters to protect the
RADIUS server from brute-force attacks. An example of a
strong and secure shared secret is: 8d#>9fq4bV)H7%a3-
zE13sW.
Specify the IP address of the external RADIUS server
used to provide RADIUS accounting.
Specify the port on which the RADIUS server is listening.
The default port is 1813.
Specify a shared secret for authentication. The shared
secret is required to match the shared secret on the
RADIUS server.
Specify the time (in seconds) for the Access Point's
retransmission of EAP-Request packets. The default is 10
seconds. If this time is exceeded, the authentication
session is terminated.
Specify the number of retries for the MU to retransmit a
missed frame to the RADIUS server before it times out of
the authentication session. The default is 2 retries.
Select the Enable Syslog checkbox to enable RADIUS
accounting syslog messages relating to EAP events to be
written to the specified syslog server.
Enter the IP address of the destination syslog server to be
used to log EAP events.
Altitude 4700 Series Access Point Product Reference Guide
Advertisement
Table of Contents
Related Manuals for Extreme Networks Altitude 4700 Series
Related Products for Extreme Networks Altitude 4700 Series
- Extreme Networks ExtremeSwitching Virtual Services Platform 4450GTX-HT-PWR+
- Extreme Networks Universal Compute Platform Appliance 4120C
- Extreme Networks 4120 Series
- Extreme Networks ExtremeSwitching 5420M-48W-4YE
- Extreme Networks ExtremeSwitching 5420M-48T-4YE
- Extreme Networks ExtremeSwitching Virtual Services Platform 4850GTS-PWR+
- Extreme Networks ExtremeSwitching Virtual Services Platform 4850GTS Series
- Extreme Networks EPICenter 4.1