Black Box LWN602A User Manual page 146

Smartpath enterprise wireless system

Hide thumbs Also See for LWN602A:

User manual (196 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

Table of Contents

Chapter 11: Deployment Examples CLI

Step 1: Define the RADIUS server on the SmartPath AP-1.

Configure the settings for the RADIUS server (IP address and shared secret) on SmartPath AP-1.

aaa radius-server first 10.1.1.10 shared-secret s3cr3741n4bl0X

The IP address of the RADIUS server is 10.1.1.10, and the shared secret that SmartPath AP-1 and the RADIUS server use

to authenticate each other is "s3cr3741n4b10X". You must also enter the same shared secret on the RADIUS server when

you define the SmartPath APs as access devices (see Step 4).

Step 2: Change the SSID on SmartPath AP-1.

1. Change the authentication method in the SSID.

ssid employee security protocol-suite wpa-auto-8021x

save config

The protocol suite requires Wi-Fi Protected Access (WPA) or WPA2 security protocol for authentication and key manage-

ment, AES or TKIP encryption, and user authentication through IEEE 802.1X.

2. Enter the show interface mgt0 command and note the dynamically assigned IP address of the mgt0 interface. You need

to know this address to define SmartPath AP-1 as an access device on the RADIUS server in Step 4.

exit

Step 3: Configure SmartPath AP-2 and SmartPath AP-3.

1. Log in to SmartPath AP-2 through its console port.

2. Configure SmartPath AP-2 with the same commands that you used for SmartPath AP-1:

aaa radius-server first 10.1.1.10 shared-secret s3cr3741n4bl0X

ssid employee security protocol-suite wpa-auto-8021x

save config

NOTE: Although all SmartPath APs in this example use the same shared secret, they can also use different secrets.

3. Enter the show interface mgt0 command to learn its IP address. You need this address for Step 4.

exit

4. Log in to SmartPath AP-3 and enter the same commands.

Step 4: Configure the RADIUS Server to accept authentication requests from the SmartPath APs.

Log in to the RADIUS server and define the three SmartPath APs as access devices. Enter their individual mgt0 IP addresses or the

subnet containing the IP addresses of all their mgt0 interfaces and the shared secret:

s3cr3741n4bl0X

Step 5: Modify the SSID on the wireless clients.

Modify the "employee" SSID on all the wireless clients in wireless network-2 and -3. Specify WPA or WPA2 for network

authentication, AES or TKIP for data encryption, and Protected EAP (PEAP) for user authentication.

If the supplicant is on a PC running Windows Vista and is on a domain, and the RADIUS server is configured with domain

authentication:

1. View the available SSIDs in the area, and select employee.

2. Click Connect.

Because most PC-based supplicants use their Windows login credentials to authenticate the client with the domain, the 802.1X

authentication process happens automatically.

Page 146

724-746-5500 | blackbox.com

Table of Contents

Chapters

Table of Contents

This manual is also suitable for:

Lwn602ae Lwn602ha Lwn602hae

Black Box LWN602A User Manual page 146

Chapters

Related Manuals for Black Box LWN602A

Related Products for Black Box LWN602A

This manual is also suitable for:

Table of Contents