Filter
Top Products
184 © 2001- 2006 D-Link Corporation/D-Link Systems, Inc. All Rights Reserved.
D-Link Unified Access System User Manual
Configuring RADIUS Settings for Wireless Clients
You can configure D-Link Access Points to use 802.1x authentication on the RADIUS server
to allow or deny specific users on client stations access to the wireless network. If you enable
802.1x authentication, the client entry on a RADIUS server can support user-based VLANs
and subnet assignments for IP tunneling. Table 61 shows the attributes to set for wireless
clients within the RADIUS server.
Configuring RADIUS for Client MAC Authentication
You can configure the AP to use RADIUS-based MAC authentication to allow or deny
specific client stations access to the wireless network. Although this method is less secure than
802.1x, you can use it for client stations that do not support 802.1x.
The addresses you enter are either allowed or denied based on the global default action within
the AP profile.
Table 62 indicates the attributes that you configure in the RADIUS server entry.
FreeRADIUS Example for Wireless Client
Configuration
You can use an external RADIUS server, such as a server running FreeRADIUS, to
authenticate users who attempt to connect to an access point. The authentication is based on
the username and password, and not the wireless client used for access. The RADIUS server
can also assign the user to a VLAN after he or she is authenticated by the server.
In addition to user-based authentication, you can configure MAC-based authentication to
allow or deny wireless clients access to the AP based on the MAC address of the client.
Table 61. RADIUS Attributes for Wireless Clients
RADIUS Server
Attribute
Description Range Usage
User-Name (1) 1-32 characters Required
User-Password (2) 1-128 characters Required
Tunnel-Medium-Type
(65)
802 Optional
Table 62. RADIUS Attributes for Wireless Client MAC Authentication
RADIUS Server
Attribute
Description Range Usage
User-Name (1) Ethernet Address of the client
station.
Valid Ethernet
MAC Address.
Required
User-Password (2) A fixed password used to
lookup a client MAC entry.
NOPASSWORD Required