D-Link DWC-2000-AP32-LIC User Manual - Page 186

Section 6 - Securing Your Network External Authentication The local user database present in the controller itself is typically used for granting management access for the GUI or CLI. External authentication servers are typically more secure, and can be used for allowing wireless AP connections, authenticating IPsec endpoints, and even allowing access via a Captive Portal on the VLAN. This section describes the available authentication servers on the controller, and also the configuration requirements. In all cases, the "Server Checking" button is used to verify connectivity to the configured server(s). Configure RADIUS Server Path: Security > Authentication > External Auth Server > RADIUS Server Enterprise Mode for wireless security uses a RADIUS Server for WPA and/or WPA2 security. A RADIUS server must be configured and accessible by the controller to authenticate wireless client connections to an AP enabled with a profile that uses RADIUS authentication. • The Authentication IP Address is required to identify the server. A secondary RADIUS server provides redundancy in the event that the primary server cannot be reached by the controller when needed. • Authentication Port - The port for the RADIUS server connection • Secret - Enter the shared secret that allows this controller to log into the specified RADIUS server(s). This key must match the shared secret on the RADIUS Server. • The Timeout and Retries fields are used to either move to a secondary server if the primary cannot be reached, or to give up the RADIUS authentication attempt if communication with the server is not possible. To configure RADIUS Server: 1. Go to Security > Authentication > External Auth Server > RADIUS Server tab. D-Link DWC-2000 User Manual 186