Adding Access Points To The Valid Ap Database; Configuring Radius Settings For Wireless Clients; Configuring Radius For Client Mac Authentication; Table 90: Radius Attributes For Wireless Clients - D-Link DWS-3000 Series User Manual
Unified wired & wireless access system
Hide thumbs
Also See for DWS-3000 Series:
- User manual (262 pages) ,
- Configuration manual (192 pages) ,
- Deployment manual (7 pages)
Table of Contents
Advertisement
D-Link Unified Access System
After you create an attribute dictionary file, you must insert an INCLUDE statement into the the main file dictionary for the
FreeRADIUS server.
The main dictionary is etc/raddb/dictionary. The following example shows an INCLUDE statement for the D-Link
attribute dictionary called dictionary.D-Link.
$INCLUDE dictionary.D-Link
Adding Access Points to the Valid AP Database
You use the attributes you define in the dictionary file to configure the settings for an access point in the Valid AP database
on the RADIUS server. The file you configure is the etc/raddb/users file. The following code is an example of a database
entry for an AP with the MAC address 00:11:95:a3:32:80.
Note: In the FreeRADIUS database, the MAC address is case sensitive, and the octets must be separated by
hyphens.
00-11-95-a3-32-80 Auth-Type := Local, User-Password=="NOPASSWORD"
D-Link-Wireless-AP-Mode = WS-Managed,
D-Link-Wireless-AP-Location = "Lobby AP",
D-Link-Wireless-AP-Profile-ID = 1,
D-Link-Wireless-AP-Switch-IP = 192.168.30.4,
D-Link-Wireless-AP-Radio-1-Chan = Auto,
D-Link-Wireless-AP-Radio-2-Chan = Auto,
D-Link-Wireless-AP-Radio-1-Power = Auto,
D-Link-Wireless-AP-Radio-2-Power = Auto
C
RADIUS S
ONFIGURING
You can configure D-Link Access Points to use 802.1X authentication on the RADIUS server to allow or deny specific users
on client stations access to the wireless network. If you enable 802.1X authentication, the client entry on a RADIUS server
can support user-based VLANs and subnet assignments for IP tunneling. <Link>Table 90 shows the attributes to set for
wireless clients within the RADIUS server.
RADIUS Server Attribute
User-Name (1)
User-Password (2)
Tunnel-Medium-Type (65)
Configuring RADIUS for Client MAC Authentication
You can configure the AP to use RADIUS-based MAC authentication to allow or deny specific client stations access to the
wireless network. Although this method is less secure than 802.1X, you can use it for client stations that do not support
802.1X.
The addresses you enter are either allowed or denied based on the global default action within the AP profile.
Page 210
W
ETTINGS FOR
IRELESS
Table 90: RADIUS Attributes for Wireless Clients
Description
–
–
–
C
LIENTS
Range
1-32 characters
1-128 characters
802
Document 34CS3000-SWUM104-D10
Software User Manual
02/15/2011
Usage
Required
Required
Optional
Hide quick links:
Advertisement
Table of Contents
