Motorola PTP 200 (OFDM Manual De Usuario
Release 11.0
Release Notes and User Guide Supplement
Issue 1, March 2011
Page
13
5 RADIUS for PMP
Release 11.0 adds support for the RADIUS (Remote Authentication Dial In User Service) protocol
supporting Authentication, Authorization, and Accounting (AAA). The following topics are covered
in this document:
supporting Authentication, Authorization, and Accounting (AAA). The following topics are covered
in this document:
o An overview of the Canopy RADIUS implementation
o Description of the operation of RADIUS with Canopy and the various configurable
o Description of the operation of RADIUS with Canopy and the various configurable
parameters and their settings
o Procedures for specific tasks associated with configuring Canopy for RADIUS
o Reference material, especially information on VSAs and OIDs.
o Reference material, especially information on VSAs and OIDs.
The information does not
o Provide substantial background on the RADIUS protocol. A solid understanding of
RADIUS is assumed, or should be gained from other sources.
o Provide detailed information on setting up a RADIUS server. This information should
be gained from other sources, including the vendor or provider of the RADIUS server.
A typical course of action to prepare for the migration to RADIUS is
o Study these release notes
o Gain any additional knowledge needed on RADIUS and your specific RADIUS server
o Gain any additional knowledge needed on RADIUS and your specific RADIUS server
from outside sources and install your RADIUS server and database.
o Experiment with a test system in the lab or field
o Develop a migration plan for your network
o Migrate your network to RADIUS
o Develop a migration plan for your network
o Migrate your network to RADIUS
5.1
RADIUS IMPLEMENTATION OVERVIEW
5.1.1 RADIUS Functions
RADIUS protocol support provides the following functions:
o SM Authentication allows only known SMs onto the network (blocking “rogue” SMs),
and can be configured to ensure SMs are connecting to a known network (preventing
SMs from connecting to “rogue” APs). RADIUS authentication is used for SMs, but
not used for APs, BHMs, or BHSs.
SMs from connecting to “rogue” APs). RADIUS authentication is used for SMs, but
not used for APs, BHMs, or BHSs.
o SM Configuration configures authenticated SMs with MIR (Maximum Information
Rate), CIR (Committed Information Rate), High Priority, and VLAN (Virtual LAN)
parameters from the RADIUS server when an SM registers to an AP.
parameters from the RADIUS server when an SM registers to an AP.
o Centralized AP and SM user name and password management allows AP and
SM usernames and access levels (Administrator, Installer, Technician) to be centrally
administered in the RADIUS server instead of on each radio and tracks access
events (logon/logoff) for each username on the RADIUS server. BHMs and BHSs do
not support RADIUS accounting. This accounting does not track and report specific
configuration actions performed on radios or pull statistics such as bit counts from the
radios. Such functions require an Element Management System (EMS) such as the
Motorola One Point Wireless Manager. This accounting is not the ability to perform
accounting functions on the subscriber/end user/customer account.
administered in the RADIUS server instead of on each radio and tracks access
events (logon/logoff) for each username on the RADIUS server. BHMs and BHSs do
not support RADIUS accounting. This accounting does not track and report specific
configuration actions performed on radios or pull statistics such as bit counts from the
radios. Such functions require an Element Management System (EMS) such as the
Motorola One Point Wireless Manager. This accounting is not the ability to perform
accounting functions on the subscriber/end user/customer account.