Filter
Top Products
141
www.gateway.com
WPA with RADIUS client using EAP-TLS certificate
Extensible Authentication Protocol (EAP) Transport Layer Security (TLS), or EAP-TLS, is an
authentication protocol that supports the use of smart cards and certificates. You have the
option of using EAP-TLS with both WPA with RADIUS and IEEE 802.1x modes if you have
an external RADIUS server on the network to support it.
To use this type of security:
1 Add the Gateway 7001 AP to the list of RADIUS server clients. (See “Configuring an
external RADIUS server to recognize the Gateway 7001 AP” on page 146.)
2 Configure the Gateway 7001 AP to use your RADIUS server (by providing the RADIUS
server IP address as part of the “WPA with RADIUS” security mode settings).
3 Configure wireless clients to use WPA security and “Smart Card or other Certificate”
as described in this section.
4 Obtain a certificate for this client as described in “Obtaining a TLS-EAP certificate for
a client” on page 151.
Important If you want to use IEEE 802.1x mode with EAP-TLS certificates for
authentication and authorization of clients, you must have an external
RADIUS server and a Public Key Authority Infrastructure (PKI),
including a Certificate Authority (CA), server configured on your
network. It is beyond the scope of this document to describe the
configuration of the RADIUS server, PKI, and CA server. Consult the
documentation for those products.Some good starting points
available on the Web for the Microsoft Windows PKI software are:
“How to Install/Uninstall a Public Key Certificate Authority for
Windows 2000" at
http://sup-port.microsoft.com/default.aspx?scid=kb;EN-US;231881
and “How to Configure a Certificate Server” at
http://support.microsoft.com/default.aspx?scid=kb;en-us;318710#3.