Dell PowerConnect W-IAP92 Dell Instant 6.1.2.3-2.0.0.0 User Guide - Page 77
Authentication, Authentication Methods in Dell Instant, 802.1X Authentication, Internal RADIUS Server
View all Dell PowerConnect W-IAP92 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 77 highlights
Chapter 8 Authentication Authentication Methods in Dell Instant Authentication is a process of identifying a user by having them to provide a valid username and password. Clients can also be authenticated based on their Mac addresses. The following authentication methods are supported in Dell Instant: 802.1X Authentication Captive Portal Mac Authentication 802.1X Authentication 802.1X is a method for authenticating the identity of a user before providing network access to the user. Remote Authentication Dial In User Service (RADIUS) is a protocol that provides centralized authentication, authorization, and accounting management. For authentication purpose, the wireless client can associate to a network access server (NAS) or RADIUS client such as a wireless IAP. The wireless client can pass data traffic only after successful 802.1X authentication. The steps involved in 802.1X authentication are: 1. The NAS requests authentication credentials from the wireless client. 2. The wireless client sends the authentication credentials to the NAS. 3. The NAS sends these credentials to a RADIUS server. 4. The RADIUS server checks the user identity and begins authentication with the client if the user identity is present in its database. The RADIUS server sends an Access-Accept message to the NAS. If the RADIUS server cannot identify the user, it stops the authentication process and sends an Access-Reject message to the NAS. The NAS forwards this message to the client and the client must re-authenticate with correct credentials. 5. After the client is authenticated, the RADIUS server forwards the encryption key to the NAS. The encryption key is used to encrypt or decrypt traffic sent to and from the client. NOTE: A NAS acts as a gateway to guard access to a protected resource. A client connecting to the wireless network first connects to the NAS. The Dell Instant network supports internal RADIUS server and external RADIUS server for 802.1x authentication. Internal RADIUS Server Each IAP has an instance of FreeRADIUS server operating locally. When you enable the Internal RADIUS server option for the network, the authenticator on the IAP sends a RADIUS packet to the local IP address. The Internal RADIUS server listens and replies to the RADIUS packet. The following authentication methods are supported in Dell Instant network: EAP-TLS-The Extensible Authentication Protocol- Transport Layer Security method supports the termination of EAP-TLS security using the internal RADIUS server. The EAP-TLS requires both server and certification authority (CA) certificates installed onto the IAP.The client certificate is verified on the Virtual Dell PowerConnect W-Series Instant Access Point 6.1.2.3-2.0.0.0 | User Guide Authentication | 77