beautypg.com

Wpa/wpa2 enterprise (radius) client using eap/peap – Allied Telesis AT-WA7400/EU User Manual

Page 234

background image

Appendix B: Configuring Security on Wireless Clients

234

Configuring WPA/WPA2 Enterprise (RADIUS) Security on a Client

Wi-Fi Protected Access 2 (

WPA2

) with Remote Authentication Dial-In User

Service (

RADIUS

) is an implementation of the Wi-Fi Alliance IEEE

802.11

standard, which includes Advanced Encryption Standard (

AES

), Counter

mode/CBC-MAC Protocol (

CCMP

), and Temporal Key Integrity Protocol

(

TKIP

) mechanisms. This mode requires the use of a RADIUS server to

authenticate users.

This security mode also provides backwards-compatibility for wireless
clients that support only the original

WPA

.

When you configure WPA/WPA2 Enterprise (RADIUS) security mode on
the access point, you have a choice of whether to use the built-in
authentication server or an external RADIUS server that you provide.

The AT-WA7400 Wireless Access Point’s built-in authentication server
supports Protected Extensible Authentication Protocol (EAP) known as
EAP/PEAP and Microsoft Challenge Handshake Authentication Protocol
Version 2 (MSCHAP V2), which provides authentication for point-to-point
(PPP) connections between a Windows-based computer and network
devices such as access points.

If you configure the network (access point) to use security mode and
choose the built-in authentication server, you must configure client
stations to use WPA/WPA2 Enterprise (RADIUS) and EAP/PEAP.

If you configure the network (access point) to use this security mode with
an external RADIUS server, you must configure the client stations to use
WPA/WPA2 Enterprise (RADIUS) and whichever security protocol your
RADIUS server is configured to use.

WPA/WPA2

Enterprise

(RADIUS) Client

Using EAP/PEAP

The built-In authentication server on the AT-WA7400 Wireless Access
Point uses Protected Extensible Authentication Protocol (EAP) known as
EAP/PEAP.

ˆ

If you are using the Built-in Authentication server with WPA/WPA2
Enterprise (RADIUS) security mode on the AT-WA7400 Wireless
Access Point, then you will need to set up wireless clients to use
PEAP.

ˆ

Additionally, you may have an external RADIUS server that uses EAP/
PEAP. If so, you will need to (1) add the AT-WA7400 Wireless Access
Point to the list of RADIUS server clients, and (2) configure your WPA/
WPA2 Enterprise (RADIUS) wireless clients to use PEAP.

See also other documents in the category Allied Telesis Computer hardware: