D-Link DWC-1000 User Manual
219
Section 6 - Securing Your Network
External Authentication
The local user database present in the controller itself is typically used for granting management access for the
GUI or CLI. External authentication servers are typically more secure, and can be used for allowing wireless AP
connections, authenticating IPSec endpoints, and even allowing access via a Captive Portal on the VLAN. This
section describes the available authentication servers on the controller, and also the configuration requirements.
In all cases, the “Server Checking” button is used to verify connectivity to the configured server(s).
Configure RADIUS Server
Path: Security > Authentication > External Auth Server > RADIUS Server
Enterprise Mode for wireless security uses a RADIUS Server for WPA and/or WPA2 security. A RADIUS server must
be configured and accessible by the controller to authenticate wireless client connections to an AP enabled with
a profile that uses RADIUS authentication.
• The Authentication IP Address is required to identify the server. A secondary RADIUS server provides
redundancy in the event that the primary server cannot be reached by the controller when needed.
• Authentication Port - The port for the RADIUS server connection
• Secret - Enter the shared secret that allows this controller to log into the specified RADIUS server(s). This
key must match the shared secret on the RADIUS Server.
• The Timeout and Retries fields are used to either move to a secondary server if the primary cannot
be reached, or to give up the RADIUS authentication attempt if communication with the server is not
possible.
To configure RADIUS Server:
1. Go to
Security
>
Authentication
>
External Auth Server
>
RADIUS Server
tab.