Filter
Top Products
Administrator and User Access 6-5
Configuring the RADIUS Server
The WS 2000 Wireless Switch provides an integrated RADIUS server as well as the ability to work with external RADIUS
and LDAP servers to provide user database information and authentication. The RADIUS Server page allows the admin to
set up data sources, as well as specify authentication information for the built-in RADIUS server.
Select [User Authentication] --> Radius Server to set up the RADIUS server configuration.
1. Use the Data Source pull-down menu to select the data source for the local RADIUS server.
•If Local is selected, the internal User Database will serve as the data source. Use the User Database screen to enter
the user data.
•If LDAP is selected, the switch will use the data in an LDAP server. Configure the LDAP server settings on the LDAP
screen under RADIUS Server on the menu tree.
2. Use the Default EAP Type pull-down menu to specify the default EAP type for the RADIUS server. The options are PEAP
and TTLS.
• Protected EAP (PEAP) uses a TLS layer on top of EAP as a carrier for other EAP modules. PEAP is an ideal choice for
networks using legacy EAP authentication methods.
• Tunneled TLS EAP (EAP-TTLS) is similar to EAP-TLS, but the client authentication portion of the protocol is not
performed until after a secure transport tunnel has been established. This allows EAP-TTLS to protect legacy
authentication methods used by some RADIUS servers.
3. Specify an Authentication Type for EAP to use from the pull-down menu. The options are GTC and MSCHAP-V2.
• EAP Generic Token Card (GTC) is a challenge handshake authentication protocol that uses a hardware token card to
provide the response string.
• Microsoft CHAP (MSCHAP-V2) is an encrypted authentication method based on Microsoft's challenge/response
authentication protocol.