Table of Contents
Advertisement
Click OK on the Wireless Network Properties dialog to close it and save your changes.
Connecting To The Wireless Network With A WPA-PSK Client
WPA-PSK clients should now be able to associate and authenticate with the access point. As
a client, you will not be prompted for a key. The TKIP or AES key you configured on the
client security settings is automatically used when you connect.
B.9
Configuring An External RADIUS Server To Recognize The
9160 G2
An external Remote Authentication Dial-in User Server (RADIUS) running on the network
can support EAP-TLS smart card/certificate distribution to clients in a Public Key Infra-
structure (PKI), as well as EAP-PEAP user account setup and authentication. By external
RADIUS server, we mean an authentication server external to the access point itself. This is
to distinguish between the scenario in which you use a network RADIUS server versus one
in which you use the Built-in Authentication Server on the 9160 G2 Wireless Gateway.
This section provides an example of configuring an external RADIUS server for the pur-
poses of authenticating and authorizing TLS-EAP certificates from wireless clients of a
particular 9160 G2 Wireless Gateway configured for either "WPA/WPA2 Enterprise (RA-
DIUS)" or "IEEE 802.1x" security modes. The intention of this section is to provide some
idea of what this process will look like; procedures will vary depending on the RADIUS
server you use and how you configure it. For this example, we use the Internet Authentica-
tion Service that comes with Microsoft Windows 2003 server.
Note: This document does not describe how to set up Administrative users on the RADIUS
server. In this example, we assume you already have RADIUS server user accounts
configured. You will need a RADIUS server user name and password for both this
procedure and the following one that describes how to obtain and install a certificate
on the wireless client. Please consult the documentation for your RADIUS server for
information on setting up user accounts.
The purpose of this procedure is to identify your 9160 G2 Wireless Gateway as a "client" to
the RADIUS server. The RADIUS server can then handle authentication and authorization
of wireless clients for the AP. This procedure is required per access point. If you have more
than one access point with which you plan to use an external RADIUS server, you need to
follow these steps for each of those APs.
Keep in mind that the information you need to provide to the RADIUS server about the
access point corresponds to settings on the access point (Security) and vice versa. You
should have already provided the RADIUS server IP Address to the AP; in the steps that
Appendix B: Security Settings on Wireless Clients/RADIUS Server
Configuring An External RADIUS Server To Recognize The 9160 G2
Psion Teklogix 9160 G2 Wireless Gateway User Manual
B-31
Advertisement
Table of Contents
