Configuring Kerberos Authentication - Motorola WS2000 System Reference Manual

10.In the Max. Retries
after failing to complete the EAP process. If the mobile unit fails the authentication process in specified
number of retries, the switch will terminate the connection to the mobile unit.
Advanced Settings
11.The MU Quiet Period
mobile unit's authentication attempts, as required by the server.
12.The MU Timeout
retransmission of EAP-Request packets.
13.The MU Tx Period
retransmission of the EAP-Request/Identity frame.
14.The MU Max Retries
unit to retransmit an EAP-Request frame to the server before it times out the authentication session.
Note that this is a different value from the Max Retry field at the top of the window.
15.The Server Timeout
server's transmission of EAP Transmit packets.
16.The Server Max Retries
server to retransmit an EAP-Request frame to the client before it times out the authentication session.
Note that this is a different value from the
RADIUS Client Accounting and Syslog Setup
17.Use the Enable Accounting
(CF) card.
18.If accounting is enabled, enter the maximum amount of time a client will wait for an acknowledgement
from the RADIUS accounting server before resending the accounting packet in the
the Retries field, enter the maximum number of times for the client will resend the accounting packet to
the RADIUS accounting server before giving up.
19.To enable 802.1x EAP message logging to an external Syslog server, check the
then specify the IP address of the syslog server in the
20.Click the Ok button to save changes.

5.3.3 Configuring Kerberos Authentication

Kerberos provides a strong authentication method for client/server applications by using secret-key
cryptography. Using this protocol, a client can prove their identity to a server (and vice versa) across an
insecure network connection. After a client and server use Kerberos to prove their identity, they can encrypt
all communications to assure privacy and data integrity.
1. Select the Kerberos
2. Click the Kerberos Configuration
field, set the maximum number of retries for a client to successfully reauthenticate
field allows the administrator to specify the idle time (in seconds) between a
field allows the administrator to specify the time (in seconds) for the mobile unit's
field allows the administrator to specify the time period (in seconds) for the server's
field allows the administrator to set the maximum number of times for the mobile
field indicates the maximum time (in seconds) that the switch will wait for the
field allows the administrator to set the maximum number of times for the
Max. Retries
check box to enable saving the RADIUS logs on the device's Compact Flash
radio button to enable Kerberos authentication.
button to display a sub-screen for authentication settings.
Wireless Configuration
field at the top of the window.
Enable Syslog
Syslog Server IP field.
5-11
MU Timeout field. In
box and