Symbol Technologies AP5181D Manual De Usuario
Configuring Access Point Security
6-11
6.
Click the
Apply
button to return to the
WLAN
screen to save any changes made within the
Kerberos Configuration field of the New Security Policy screen.
7.
Click the
Cancel
button to undo any changes made within the Kerberos Configuration field
and return to the
WLAN
screen. This reverts all settings for the Kerberos Configuration field
to the last saved configuration.
6.5 Configuring 802.1x EAP Authentication
The IEEE 802.1x standard ties the 802.1x EAP authentication protocol to both wired and wireless LAN
applications.
applications.
The EAP process begins when an unauthenticated supplicant (client device) tries to connect with an
authenticator (in this case, the authentication server). The access point passes EAP packets from the
client to an authentication server on the wired side of the access point. All other packet types are
blocked until the authentication server (typically, a RADIUS server) verifies the MU’s identity.
authenticator (in this case, the authentication server). The access point passes EAP packets from the
client to an authentication server on the wired side of the access point. All other packet types are
blocked until the authentication server (typically, a RADIUS server) verifies the MU’s identity.
To configure 802.1x EAP authentication on the access point:
1.
Select
Network Configuration
->
Wireless
->
Security
from the access point menu tree.
If security policies supporting 802.1x EAP exist, they appear within the
Security
Configuration
screen. These existing policies can be used as is, or their properties edited
by clicking the
Edit
button. To configure a new security policy supporting 802.1x EAP,
continue to step 2.
2.
Click the
Create
button to configure a new policy supporting 802.1x EAP.
The
New Security Policy
screen displays with no authentication or encryption options
selected.
Backup KDC
Optionally, specify a numerical (non-DNS) IP address and port for a
backup KDC. Backup KDCs are referred to as slave servers. The
slave server periodically synchronizes its database with the
primary (or master) KDC.
backup KDC. Backup KDCs are referred to as slave servers. The
slave server periodically synchronizes its database with the
primary (or master) KDC.
Remote KDC
Optionally, specify a numerical (non-DNS) IP address and port for a
remote KDC. Kerberos implementations can use an administration
server allowing remote manipulation of the Kerberos database.
This administration server usually runs on the KDC.
remote KDC. Kerberos implementations can use an administration
server allowing remote manipulation of the Kerberos database.
This administration server usually runs on the KDC.
Port
Specify the ports on which the Primary, Backup and Remote KDCs
reside. The default port number for Kerberos Key Distribution
Centers is Port 88.
reside. The default port number for Kerberos Key Distribution
Centers is Port 88.