Dell W-Series 207 Instant 6.5.1.0-4.3.1.0 User Guide - Page 163
Configuring 802.1X Authentication for a Network Profile
View all Dell W-Series 207 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 163 highlights
l For EAP-TLS authentication, ensure that the server and CA certificates from the authentication servers are uploaded on the W-IAP. For more information, see Uploading Certificates on page 175. In the CLI To configure authentication survivability for a wireless network: (Instant AP)(config)# wlan ssid-profile (Instant AP)(SSID Profile )# type {||} (Instant AP)(SSID Profile )# auth-server (Instant AP)(SSID Profile )# auth-survivability (Instant AP)(SSID Profile )# exit (Instant AP)(config)# auth-survivability cache-time-out (Instant AP)(config)# end (Instant AP)# commit apply To view the cache expiry duration: (Instant AP)# show auth-survivability time-out To view the information cached by the W-IAP: (Instant AP)# show auth-survivability cached-info To view logs for debugging: (Instant AP)# show auth-survivability debug-log Configuring 802.1X Authentication for a Network Profile This section consists of the following procedures: l Configuring 802.1X Authentication for Wireless Network Profiles on page 163 l Configuring 802.1X Authentication for Wired Profiles on page 164 The Instant network supports internal RADIUS server and external RADIUS server for 802.1X authentication. The steps involved in 802.1X authentication are as follows: 1. The NAS requests authentication credentials from a wireless client. 2. The wireless client sends authentication credentials to the NAS. 3. The NAS sends these credentials to a RADIUS server. 4. The RADIUS server checks the user identity and authenticates the client if the user details are available in its database. The RADIUS server sends an Access-Accept message to the NAS. If the RADIUS server cannot identify the user, it stops the authentication process and sends an Access-Reject message to the NAS. The NAS forwards this message to the client and the client must re-authenticate with appropriate credentials. 5. After the client is authenticated, the RADIUS server forwards the encryption key to the NAS. The encryption key is used for encrypting or decrypting traffic sent to and from the client. The NAS acts as a gateway to guard access to a protected resource. A client connecting to the wireless network first connects to the NAS. Configuring 802.1X Authentication for Wireless Network Profiles You can configure 802.1X authentication for a wireless network profile in the Instant UI or the CLI. In the Instant UI To enable 802.1X authentication for a wireless network: 1. On the Network tab, click New to create a new network profile or select an existing profile for which you want to enable 802.1X authentication and click edit. Dell Networking W-Series Instant 6.5.1.0-4.3.1.0 | User Guide Authentication and User Management | 163