beautypg.com

Notes concerning radius, Configuration instructions, Notes concerning radius configuration instructions – Proxim ORiNOCO AP-2500 User Manual

Page 52: Install and configure radius, Ap-2500 authentication methods

background image

52

AP-2500 Authentication Methods

3. Client sends AP its login credentials (User name/password or MAC address).
4. AP checks its

Authorized Subscribers

Table. If the client is not listed, the AP forwards the authentication request to

the RADIUS server.

5. The RADIUS server authenticates the user based on the client’s login credentials and notifies AP of successful

authentication.

6. AP changes the client’s State to “Valid” in its

Current Subscribers Table

and redirects the client to the requested

Web page or to the site specified by Home Page Redirection settings.

7. AP sends an accounting “start” message to the RADIUS server.

This assumes that RADIUS accounting is enabled.

Note that you can use the same server for RADIUS authentication and accounting or two different RADIUS
servers: one for authentication and one for accounting).

8. RADIUS server sends an acknowledgment back to the AP that the accounting message was successfully

received.

This assumes that RADIUS accounting is enabled.

In addition to sending an accounting “start” message when a subscriber logs in, the AP also sends an
accounting “stop” message when the subscriber logs out or times out. Also, the AP can send interim
accounting messages at a specified interval (but not less than every two minutes).

Notes Concerning RADIUS

Subscribers authenticated by RADIUS can logout of their Internet sessions in one of three ways:

By clicking the Logout button found on the ICC (if enabled).

See

Information and Control Console (ICC)

and

Potential End User Issues

for more information and a list

of known issues.

By typing http://1.1.1.1/ in their Web browser.

By clicking a link to http://1.1.1.1/ that you add to a custom

Portal Page

.

Subscribers authenticated by RADIUS are logged out automatically in one of two ways:

Idle timer expires.

Session timer expires.

(These two timers are RADIUS attributes that you can configure for the subscribers in your RADIUS database. See

RADIUS Messages and RADIUS Attributes

for details.)

See

RADIUS

for more information on the AP’s RADIUS implementation.

Configuration Instructions

The configuration instructions are divided into two topics:

Install and Configure RADIUS

Configure the AP-2500

Install and Configure RADIUS

Before you install or configure the AP-2500, you should first install and configure the RADIUS server on your network.
There are multiple RADIUS applications available. Popular RADIUS servers include Microsoft’s Internet Authentication
Service (IAS), Funk’s Steel-belted RADIUS, and Lucent Navis RADIUS. Microsoft’s IAS server is included with
Windows 2000 Server.
Since your specific installation and configuration steps will vary based on the RADIUS server you select, the following
instructions are only an overview of the process. Refer to the documentation included with your RADIUS server for
detailed instructions.

NOTE

Contact your RADIUS server manufacturer if you have problems configuring the server or have problems
using RADIUS authentication and/or accounting.