3Com 3CRWE825075A-US User Guide - Page 31

Radius

Get 3Com 3CRWE825075A-US - Wireless LAN Access Point 8250 PDF manuals and user guides
UPC - 662705473796
View all 3Com 3CRWE825075A-US manuals
Add to My Manuals
Save this manual to your list of manuals

Page 31 highlights

address of one or more domain name servers. Enter those addresses in Primary DNS Address and Secondary DNS Address fields. SECURE WEB SERVER CONNECTION This option controls whether Secure Socket Layer (SSL) technology is used to encrypt information between the computer and the device during a configuration session. By default this option is Off. When this option is turned on, the HTTPS protocol is used, and data is protected during the configuration session. When it is turned off, the HTTP protocol is used, and data could be intercepted during the configuration session. Changing this option causes the device to reset, which disrupts the network association temporarily, but does not affect device configuration settings that have already been saved. RADIUS The RADIUS page lets you define servers to be used for authentication and accounting. RADIUS (Remote Access Dial-In User Service) is a login authentication protocol that uses software running on a central AAA (Access, Authentication, and Accounting) server to control access to RADIUS compliant devices on the network. There are no special settings on the access point to distinguish between the various RADIUS policies or authentication types (for example EAP-MD5, EAP-TLS, EAP-TTLS). These policies are setup and controlled on the AAA server. Note that for most RADIUS software packages, the access point is actually called the "RADIUS client" and has a shared secret or secret key corresponding to the RADIUS setup page (see KEY parameter below). The access point can send connection parameters to a RADIUS server, as well as statistics for accounting purposes. The access point is compatible with RFC2866 (the RADIUS Accounting specification). Configuring a secondary RADIUS server provides a backup in case the primary server fails. The access point will use the secondary server if a failure is detected in the primary server. Once the access point switches over to the secondary authentication server, it periodically attempts to establish communication again with primary authentication server. Once communication is established, the secondary authentication server reverts back to a backup server. The access point will use the secondary accounting server if a failure is detected in the primary accounting server. It will continue to use the secondary accounting server until it fails, in which case it returns to sending data to the primary accounting server. See here for recommended steps in configuring RADIUS Authentication. 31

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
31
address of one or more domain name servers. Enter those addresses in Primary
DNS Address and Secondary DNS Address fields.
S
ECURE
W
EB
S
ERVER
C
ONNECTION
This option controls whether Secure Socket Layer (SSL) technology is used to encrypt
information between the computer and the device during a configuration session. By
default this option is Off. When this option is turned on, the HTTPS protocol is used,
and data is protected during the configuration session. When it is turned off, the HTTP
protocol is used, and data could be intercepted during the configuration session.
Changing this option causes the device to reset, which disrupts the network association
temporarily, but does not affect device configuration settings that have already been
saved.
RADIUS
The RADIUS page lets you define servers to be used for authentication and
accounting. RADIUS (Remote Access Dial-In User Service) is a login authentication
protocol that uses software running on a central AAA (Access, Authentication, and
Accounting) server to control access to RADIUS compliant devices on the network.
There are no special settings on the access point to distinguish between the various
RADIUS policies or authentication types (for example EAP-MD5, EAP-TLS,
EAP-TTLS). These policies are setup and controlled on the AAA server. Note that for
most RADIUS software packages, the access point is actually called the “RADIUS
client” and has a shared secret or secret key corresponding to the RADIUS setup page
(see
KEY
parameter below).
The access point can send connection parameters to a RADIUS server, as well as
statistics for accounting purposes. The access point is compatible with RFC2866 (the
RADIUS Accounting specification).
Configuring a secondary RADIUS server provides a backup in case the primary server
fails. The access point will use the secondary server if a failure is detected in the
primary server. Once the access point switches over to the secondary authentication
server, it periodically attempts to establish communication again with primary
authentication server. Once communication is established, the secondary
authentication server reverts back to a backup server. The access point will use the
secondary accounting server if a failure is detected in the primary accounting server. It
will continue to use the secondary accounting server until it fails, in which case it
returns to sending data to the primary accounting server.
See here for recommended steps in configuring RADIUS Authentication.