- 32 -
6. The client validates the digital certificate, and replies its own digital certificate to the RADIUS server.
7. The RADIUS server validates client
’
s digital certificate.
8. The client and RADIUS server derive encryption keys.
9. The RADIUS server sends WRT-410 a RADIUS ACCEPT message, including the client
’
s WEP key.
10. WRT-410 sends the client an EAP Success message along with the broadcast key and key length,
all encrypted with the client
’
s WEP key.
4.2 RADIUS Server Setup
4.2.1 Required Services
After Windows 2000 server has been installed, please install Service Pack 2 also and other latest
security patch.
Furthermore, the following service components are needed:
n
Active Directory (Please consult with your network administrator or an engineer who is familiar with
Windows 2000 server to install Active Directory; otherwise your system or network might be
unstable.)
n
IAS (Internet Authentication Service)
n
Web Server (IIS)
n
Certificate Service
4.2.2 Setup Procedure
1. Login into Windows 2000 Server as Administrator, or account that has Administrator authority.
2. Go to
Start
>
Control Panel
, and double-click
“
Add or Remove Programs
”
.
3. Click on
“
Add/Remove Windows components
”
.
4. Check
“
Certificate Services
”
, and click
“
Next
”
to continue.
5. Select
“
Enterprise root CA
”
, and click
“
Next
”
to continue.