29
example, www.3Com.com). Your internet service provider should provide the IP
address of one or more domain name servers. Enter those addresses in Primary
DNS Address and Secondary DNS Address fields.
S
ECURE
W
EB
S
ERVER
C
ONNECTION
This option controls whether Secure Socket Layer (SSL) technology is used to encrypt
information between the computer and the device during a configuration session. By
default this option is Off. When this option is turned on, the HTTPS protocol is used,
and data is protected during the configuration session. When it is turned off, the HTTP
protocol is used, and data could be intercepted during the configuration session.
Changing this option causes the device to reset, which disrupts the network association
temporarily, but does not affect device configuration settings that have already been
saved.
RADIUS
The RADIUS page lets you define servers to be used for authentication and
accounting. RADIUS (Remote Access Dial-In User Service) is a login authentication
protocol that uses software running on a central AAA (Access, Authentication, and
Accounting) server to control access to RADIUS compliant devices on the network.
There are no special settings on the access point to distinguish between the various
RADIUS policies or authentication types (for example EAP-MD5, EAP-TLS,
EAP-TTLS). These policies are setup and controlled on the AAA server. Note that for
most RADIUS software packages, the access point is actually called the “RADIUS
client” and has a shared secret or secret key corresponding to the RADIUS setup page
(see
KEY
parameter below).
The access point can send connection parameters to a RADIUS server, as well as
statistics for accounting purposes. The access point is compatible with RFC2866 (the
RADIUS Accounting specification).
Configuring a secondary RADIUS server provides a backup in case the primary server
fails. The access point will use the secondary server if a failure is detected in the
primary server. Once the access point switches over to the secondary authentication
server, it periodically attempts to establish communication again with primary
authentication server. Once communication is established, the secondary
authentication server reverts back to a backup server. The access point will use the
secondary accounting server if a failure is detected in the primary accounting server. It
will continue to use the secondary accounting server until it fails, in which case it
returns to sending data to the primary accounting server.