37
A
UTHENTICATION
The Authentication page allows you to configure the type of upper-layer
authentication the access point uses for wireless clients. This authentication setup
is applicable for
both
radio interfaces. Access is checked against the MAC
Address authentication database stored on the access point.
NOTE:
This level of authentication occurs BEFORE any 802.1x authentication
configured on the Security page. When using Local and RADIUS MAC
Authentication, clients attempting to authenticate to the access point MUST pass
these settings before any subsequent 802.1x authentication is attempted and
verified. If no MAC address filtering is desired, leave this set to the default setting
of Disable.
Configure the options as described below. When you are finished, click
Apply.
MAC Authentication
— Selecting MAC authentication allows you to define
access permission and precedence. Options are:
Local MAC
— With this option, the MAC address of the associating station
is compared against the local access control list. You must build this list
(called the MAC Authentication Table) as described in Local MAC
Authentication below. Use this option if you want to restrict wireless clients
authentication to the access point based off their MAC address.
RADIUS MAC
— With this option, the MAC address of the associating
station is sent to the configured RADIUS server for validation. You must
specify the authentication sequence and the corresponding parameters for
the remote authentication protocol. See “RADIUS” on page 35 and
“802.1x Wireless Setup” below.
Disable
— No MAC address related checks are performed on a client
requesting authentication to the access point.
802.1x Wireless Setup
—802.1x is designed to enhance the security
management of the wireless network. Select one of the following options:
Disable
— The access point will neither initiate nor respond to any 802.1x
authentication requests to or from wireless clients.
Supported
— Legacy clients (non 802.1x) and 802.1x clients are both
supported. This is provided for ease of migration. This option works with
WPA key management set to either “WPA authentication over 802.1x” or
“WPA pre-shared key (PSK)” on the radio security page.