Moxa Technologies MOXA AirWorks User Manual

Page of 52
MOXA AirWorks AWK-1100 User’s Manual 
Web Console Configuration 
 
3-19
 
 
 
Sample MAC ACL file 
To download a MAC ACL file from a TFTP server: 
1.  Specify the IP address of the TFTP server in the TFTP server IP address text box. 
2.  Specify the name of the MAC ACL file on the TFTP server in the MAC ACL file name text 
box. 
3.  Click Download
IEEE 802.1X/RADIUS (AP mode only) 
IEEE 802.1X Port-Based Network Access Control is a new standard for solving some security 
issues associated with IEEE 802.11, such as lack of user-based authentication and dynamic 
encryption key distribution. With IEEE 802.1X and the help of a RADIUS (Remote 
Authentication Dial-In User Service) server and a user account database, an enterprise or ISP 
(Internet Service Provider) can manage its mobile users’ access to its wireless LANs. Before being 
granted access to a wireless LAN supporting IEEE 802.1X, a user needs to issue his or her user 
name
 and password or digital certificate to the backend RADIUS server by EAPOL (Extensible 
Authentication Protocol Over LAN). The RADIUS server can record accounting information, such 
as when a user logs on to the wireless LAN and logs off from the wireless LAN for monitoring or 
billing purposes. 
The IEEE 802.1X functionality of the access point is controlled by the security mode. So far, the 
wireless access point supports two authentication mechanisms—EAP-MD5 (Message Digest 
version 5), EAP-TLS (Transport Layer Security). If EAP-MD5 is used, the user must give his or 
her user name and password for authentication. If EAP-TLS is used, the wireless client computer 
automatically gives the user’s digital certificate that is stored in the computer hard disk or a smart 
card for authentication. And after a successful EAP-TLS authentication, a session key is generated 
automatically for encrypting wireless packets sent between the wireless client computer and the 
associated wireless access point. In short, EAP-MD5 only supports user authentication, whereas 
EAP-TLS supports both user authentication and dynamic encryption key distribution.