Filter
Top Products
Working with controlled APs
Authentication of controlled APs
Authentication of controlled APs
For security purposes, the service controller can require that APs be authenticated before
they are managed. Authentication is enabled by selecting Service controller >> Controlled
APs > Authentication.
Note The AP authentication option is disabled by default, meaning that all discovered APs are
authorized (no authentication is required).
The service controller authenticates APs using their MAC addresses. When an AP sends a
discovery request to the service controller, it includes its Ethernet Base MAC address. The
service controller validates this address against its AP address authentication list. If the
address appears in the list, the AP is authenticated and gains access to the service controller's
service control features.
If authentication fails (for example, this is a new AP), and the Use the local authentication
list option is enabled, then the AP is added to the Default Group and flagged as requiring
authentication. The AP must then be manually authenticated by a manager using the
Controlled APs >> Overview > Discovered APs page. Once authenticated, the AP can be
managed.
Note APs remain visible in this list as long as they have been detected and authorized at least once.
If an AP is no longer part of the network then a manager must manually remove it.
Building the AP authentication list
The service controller can retrieve authentication list entries from several sources: a RADIUS
account, a file, or using the set of locally configured APs. All entries are merged to create a
combined list.
3-18