Allied Telesis AT-TQ2403 Network Card User Manual


  Open as PDF
of 292
 
172 AT-TQ2403 - Management Software - User's Guide
1. Configure the following settings on the Association tab on the Network Properties dialog.
Association Tab
Field Setting
Network Authentication WPA
Data Encryption TKIP or AES depending on how this option is configured on the
access point.
Note:
When the Cipher Suite on the access point is set to "Both",
then TKIP clients with a valid TKIP key and AES clients with a valid
CCMP (AES) key can associate with the access point.
2. Configure these settings on the Authentication tab.
Authentication Tab
Field Setting
Enable IEEE 802.1x
authentication for this
network
Enable (click to check) this option.
EAP Type Choose Smart Card or other Certificate
3. Click Properties to bring up the Smart Card or other Certificate Properties dialog and enable the
"Validate server certificate" option.
Smart Card or other Certificate Properties Dialog
Field Setting
Validate Server
Certificate
Enable this option (click to uncheck the box).
Certificates In the certificate list shown, select the certificate for this client.
4. To complete the client configuration you must now obtain a certificate from the RADIUS server
and i
nstall it on this client. For information on how to do this see “Obtaining a TLS-EAP Certificate
for a Client”.
Logging on to the Wireless Network with a WPA Client Using a Certificate
WPA clien
ts should now be able to connect to the access point using their TLS certificates. The
certificate you installed is used when you connect, so you will not be prompted for login information.
The certificate is automatically sent to the RADIUS server for authentication and authorization.
WPA/WPA2 Enterprise (RADIUS) Client Using EAP-SIM Certificate
Extensible Authentication Protocol (EAP) Subscriber Identity Module (SIM), or EAP-SIM, is an
authentication protocol that supports the use of smart cards and certificates. You have the option of
using EAP-SIM with both WPA/WPA2 Enterprise (RADIUS) and IEEE 802.1x modes if you have an
external RADIUS server on the network to support it.
 previous next