
AirWorks AWK-1100 User’s Manual Web Console Configuration
The IEEE 802.1X functionality of the access point is controlled by the security mode. So far, the
wireless access point supports two authentication mechanisms: EAP-MD5 (Message Digest
version 5) and EAP-TLS (Transport Layer Security). If EAP-MD5 is used, the user must give his or
her user name and password for authentication. If EAP-TLS is used, the wireless client computer
automatically presents the user's digital certificate, which is stored on the computer's hard disk or
a smart card, for authentication. After a successful EAP-TLS authentication, a session key is generated
automatically for encrypting wireless packets sent between the wireless client computer and the
associated wireless access point. In short, EAP-MD5 only supports user authentication, whereas
EAP-TLS supports both user authentication and dynamic encryption key distribution.
[Figure: IEEE 802.1X and RADIUS. Diagram labels: IEEE 802.1X-compliant wireless client, wireless APs, Internet, RADIUS server, user database, user authentication.]
An access point supporting IEEE 802.1X can be configured to communicate with two RADIUS
servers. When the primary RADIUS server fails to respond, the wireless access point will try to
communicate with the secondary RADIUS server. You can specify the timeout length and the
number of retries the access point makes with the primary RADIUS server before it switches to
the secondary RADIUS server.
An IEEE 802.1X-capable wireless access point and its RADIUS server(s) share a secret key so
that they can authenticate each other. In addition to its IP address, a wireless access point can
identify itself by an NAS (Network Access Server) identifier. Each IEEE 802.1X-capable wireless
access point must have a unique NAS identifier.
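The shared-secret check described above, as an added example that is not taken from the manual: per RFC 2865, a RADIUS reply carries a Response Authenticator computed over the reply, the access point's Request Authenticator and the shared secret, so the access point can discard replies from a sender that does not know the secret. The secret, NAS identifier and packets below are constructed sample values.

```python
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT = 1, 2   # RFC 2865 packet codes
NAS_IDENTIFIER = 32                    # RFC 2865 attribute type

def attr(attr_type: int, value: bytes) -> bytes:
    """Encode one RADIUS attribute as type, length, value."""
    return struct.pack("!BB", attr_type, len(value) + 2) + value

def build_request(ident: int, nas_id: str) -> bytes:
    """Access-Request with a random Request Authenticator and the AP's NAS-Identifier."""
    attrs = attr(NAS_IDENTIFIER, nas_id.encode())
    header = struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs))
    return header + os.urandom(16) + attrs

def response_authenticator(code, ident, attrs, request_auth, secret) -> bytes:
    """RFC 2865: MD5(Code | ID | Length | RequestAuth | Attributes | Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()

def build_response(request: bytes, code: int, attrs: bytes, secret: bytes) -> bytes:
    """Server side: answer `request`, binding the reply to it with the secret."""
    ident, request_auth = request[1], request[4:20]
    auth = response_authenticator(code, ident, attrs, request_auth, secret)
    return struct.pack("!BBH", code, ident, 20 + len(attrs)) + auth + attrs

def verify_response(request: bytes, response: bytes, secret: bytes) -> bool:
    """AP side: accept a reply only if it matches our request and our secret."""
    if len(response) < 20:
        return False
    code, ident, length = struct.unpack("!BBH", response[:4])
    if length != len(response) or ident != request[1]:
        return False
    expected = response_authenticator(code, ident, response[20:], request[4:20], secret)
    return hmac.compare_digest(expected, response[4:20])

# Constructed sample values (not from the manual).
SECRET = b"constructed-shared-secret"
request = build_request(7, "ap-floor2-example")
genuine = build_response(request, ACCESS_ACCEPT, b"", SECRET)
forged = build_response(request, ACCESS_ACCEPT, b"", b"wrong-secret")
```
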