Allied Telesis AT-WA7501 User Manual

AT-WA7500 and AT-WA7501 Installation and User’s Guide

195

ˆ

Any device with an EAP-TLS supplicant (end device or child access

point) needs both the CA certificate and the server certificate.

ˆ

If the child access point is using SWAP and is an authenticator, it

does not need any certificates loaded on it. Only the authentication
server and supplicants need certificates.

If the access point has two radios, or if the access point contains one
802.11g or 802.11a radio with multiple service sets (as described on
pages 74 and 89), you can implement 802.1x security on one radio
network or both radio networks, as long as the radio supports 802.1x
security.

For example, you have an access point with dual 802.11b radios and
some end devices that have a supplicant and some end devices that do
not have a supplicant. In the access point, you can configure one 802.11b
radio to use 802.1x security and the other 802.11b radio to use an ACL.

Configuring the Access Point as an Authenticator

The access point, when acting as an authenticator, receives requests from
end devices that want to communicate with the network and forwards
these requests to the authentication server. It also distributes the WEP
keys to end devices that are communicating with it. Before you configure
the access point as an authenticator, the access point should be installed
and configured to communicate with the wireless end devices.

To configure the access point as an authenticator

1. From the main menu, click Security and then click the radio service set

that you are configuring. The appropriate radio screen appears.