Gateway 7001 Series Benutzerhandbuch
122
www.gateway.com
■
■
■
■
■
■
■
Network infrastructure and choosing between built-in
or external authentication server
or external authentication server
Network security configurations including Public Key Infrastructures (PKI), Remote
Authentication Dial-in User Server (RADIUS) servers, and Certificate Authority (CA) can vary
a great deal from one organization to the next in terms of how they provide Authentication,
Authorization, and Accounting (AAA). Ultimately, the particulars of your infrastructure will
determine how clients should configure security to access the wireless network. Rather than
try to predict and address the details of every possible scenario, this document provides
general guidelines about each type of client configuration supported by the Gateway 7001
AP.
Authentication Dial-in User Server (RADIUS) servers, and Certificate Authority (CA) can vary
a great deal from one organization to the next in terms of how they provide Authentication,
Authorization, and Accounting (AAA). Ultimately, the particulars of your infrastructure will
determine how clients should configure security to access the wireless network. Rather than
try to predict and address the details of every possible scenario, this document provides
general guidelines about each type of client configuration supported by the Gateway 7001
AP.
I want to use the built-in authentication server (EAP-PEAP)
If you do not have a RADIUS server or PKI infrastructure in place or if you are unfamiliar
with many of these concepts, we strongly recommend setting up the Gateway 7001 APs
with security that uses the built-in authentication server on the AP. This will mean setting
up the AP to use either IEEE 802.1x or WPA with RADIUS security mode. (The built-in
authentication server uses EAP-PEAP authentication protocol.)
with many of these concepts, we strongly recommend setting up the Gateway 7001 APs
with security that uses the built-in authentication server on the AP. This will mean setting
up the AP to use either IEEE 802.1x or WPA with RADIUS security mode. (The built-in
authentication server uses EAP-PEAP authentication protocol.)
■
If the Gateway 7001 AP is set up to use IEEE 802.1x mode and the Built-in
Authentication Server, then configure wireless clients as described in
Authentication Server, then configure wireless clients as described in
■
If the Gateway 7001 AP is configured to use WPA with RADIUS mode and the Built-in
Authentication Server, configure wireless clients as described in
Authentication Server, configure wireless clients as described in
.
I want to use an external RADIUS server with EAP-TLS certificates or EAP-PEAP
We make the assumption that if you have an external RADIUS server and PKI/CA setup,
you will know how to configure client security options appropriate to your security
infrastructure beyond the fundamental suggestions given here. Topics covered here that
particularly relate to client security configuration in a RADIUS - PKI environment are:
you will know how to configure client security options appropriate to your security
infrastructure beyond the fundamental suggestions given here. Topics covered here that
particularly relate to client security configuration in a RADIUS - PKI environment are: