Active Directory Configuration Improvement - Black Box SmartPath LWN602A User Manual

show ssid employee station
Chan=channel number; Pow=Power in dbm;
A-Mode=Authentication mode; Cipher=Encryption mode;
A-Time=Associated time; Auth=Authenticated;
UPID=User profile Identifier; Phymode=Physical mode;
Mac Addr
-------------- ---------
0016:cf8c:57bc 10.1.1.35 11
Figure 11-8. Checking the MAC address and authentication and encryption types.
Check that the MAC and IP addresses in the table match those of the wireless client.
Check that the authentication and encryption modes match those in the SSID security protocol suite.
NOTE: You can also enter the following commands to check the association status of a wireless client: show auth, show roaming
cache, and show roaming cache mac <mac_addr>.
The setup for using IEEE 802.1X is complete. Wireless clients can now associate with the SmartPath AP using SSID "employee,"
authenticate themselves through IEEE 802.1X to a RADIUS server, and access the network.
11.4 Active Directory Integration Improvement
There are two significant improvements in Active Directory integration. The first simplifies the integration process between
SmartPath AP RADIUS servers and Active Directory servers (domain controllers). The second makes it possible to configure
SmartPath AP RADIUS servers to work with Active Directory servers when SmartPath EMS VMA is running in Express mode. The
following section explains the simplified integration process.
Step 1: Configure Active Directory Settings for SmartPath AP RADIUS Servers
Define a SmartPath AP as a RADIUS server and configure it to work with an Active Directory server. The following steps explain
the process when running SmartPath EMS VMA in Enterprise mode:
Click "Configuration > Advanced Configuration > Authentication > AAA User Directory Settings > New," and configure the
following Active Directory settings:
Name: Type a name for this configuration. It can be up to 32 characters long and cannot contain spaces.
Description: Type a note about the configuration for later reference. It can be up to 64 characters long, including spaces.
Active Directory: (select)
SmartPath AP RADIUS Server: From the drop-down list, choose a SmartPath AP that you intend to make a RADIUS server.
Because other SmartPath APs acting as RADIUS authenticators must be able to send user authentication requests to the
SmartPath AP RADIUS server, it cannot have a dynamically assigned IP address. Therefore, it cannot be a DHCP client; it must have
a manually defined IP address, netmask, default gateway, and DNS server IP address. When you choose a SmartPath AP, its IP
address, netmask, default gateway, and DNS server settings appear in the fields. In addition, if the SmartPath AP that you choose
is a DHCP client, SmartPath EMS VMA prompts you to enter static network and DNS settings for it and then click "Apply." After
you save this Active Directory configuration, SmartPath EMS VMA applies the new network and DNS settings to the SmartPath
AP. The next time you push a configuration to that SmartPath AP, it will receive these new settings.
IP Addr Chan Rate Pow
---- ---- ----
54M -38
Check that the MAC address
in the table matches that of
the wireless client .
724-746-5500 | blackbox.com
Chapter 11: Deployment Examples CLI
A-Mode Cipher A-Time
-------- ------- --------
wpa2-psk aes ccm 00:00:56
Check that the authentication and
encryption modes match those in
the SSID security protocol suite.
VLAN Auth UPID Phymode
---- ---- ---- -------
1 Yes 0 11g
Page 173