- 32 -
6. The client validates the digital certificate, and replies its own digital certificate to the RADIUS server.
7. The RADIUS server validates client’s digital certificate.
8. The client and RADIUS server derive encryption keys.
9. The RADIUS server sends WRT-410 a RADIUS ACCEPT message, including the client’s WEP key.
10. WRT-410 sends the client an EAP Success message along with the broadcast key and key length,
all encrypted with the client’s WEP key.
4.2 RADIUS Server Setup
4.2.1 Required Services
After Windows 2000 server has been installed, please install Service Pack 2 also and other latest
security patch.
Furthermore, the following service components are needed:
n Active Directory (Please consult with your network administrator or an engineer who is familiar with
Windows 2000 server to install Active Directory; otherwise your system or network might be
unstable.)
n IAS (Internet Authentication Service)
n Web Server (IIS)
n Certificate Service
4.2.2 Setup Procedure
1. Login into Windows 2000 Server as Administrator, or account that has Administrator authority.
2. Go to Start > Control Panel, and double-click “Add or Remove Programs”.
3. Click on “Add/Remove Windows components”.
4. Check “Certificate Services”, and click “Next” to continue.
5. Select “Enterprise root CA”, and click “Next” to continue.