beautypg.com

Wr1500, Port wireless dsl/cable router – ParkerVision WR1500 User Manual

Page 49

background image

WR1500

4-Port Wireless DSL/Cable Router

®

51

7.5

802.1 x Overview

The IEEE 802. lx standard outlines enhanced security methods for both the authentication

of wireless stations and encryption key management. Authentication can be done using the

local user database internal to the WR1500 Wireless Router (authenticate up to 8 users) or an

external RADIUS server for an unlimited number of users.

7.6

Introduction to RADIUS

RADIUS is based on a client-sever model that supports authentication and accounting, where

Wireless Router is the client and the server is the RADIUS server. The RADIUS server handles

the following tasks among others:

Authentication - Determines the identity of the users.

Accounting - Keeps track of the client’s network activity.

RADIUS user is a simple package exchange in which your WR1500 Wireless Router acts as a

message relay between the wireless station and the network RADIUS server.

Types of RADIUS Messages
The following types of RADIUS messages are exchanged between the Wireless Router and the

RADIUS server for user authentication:

Access-Request - Sent by an Wireless Router requesting authentication.

Access-Reject - Sent by a RADIUS server rejecting access.

Access-Accept - Sent by a RADIUS server allowing access.

Access-Challenge - Sent by a RADIUS server requesting more information in order to

allow access.The Wireless Router sends a proper response from the user and then sends

another Access-Request message.

The following types of RADIUS messages are exchanged between the Wireless Router and

the RADIUS server for user accounting:

Accounting-Request - Sent by the Wireless Router requesting accounting.

Accounting-Response - Sent by the RADIUS server to indicate that it has started or

stopped accounting.

In order to ensure network security, the Wireless Router and the RADIUS server use a shared

secret key, which is a password, they both know. The key is not sent over the network. In

addition to the shared key, password information exchanged is also encrypted to protect the

wired network from unauthorized access.

7.6.1 EAP Authentication Overview
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the

IEEE802.1x transport mechanism in order to support multiple types of user authentication. By

using EAP to interact with an EAP-compatible RADIUS server, the Wireless Router helps a

wireless station and a RADIUS server perform authentication.

Continued on next page