Motorola Canopy FSK and OFDM radios PTP 100 (FSK) User Manual


Release 11.0

Release Notes and User Guide Supplement



Issue 1, March 2011


5.6 CONFIGURING AP AND SM FOR CENTRALIZED AP AND SM USER NAME AND PASSWORD MANAGEMENT

5.6.1 AP – Technician/Installer/Administrator Authentication

To control technician, installer, and administrator access to the AP from a centralized RADIUS
server:

1. Set Authentication Mode on the AP’s Configuration > Security tab to RADIUS AAA as shown in Figure 5: AP's Account > User Authentication tab.

2. Set User Authentication Mode on the AP’s Account > User Authentication tab (the tab only appears after the AP is set to RADIUS authentication) to Remote or Remote then Local.

Local: The local SM is checked for accounts. No centralized RADIUS
accounting (access control) is performed.

Remote: Authentication by the centralized RADIUS server is required
to gain access to the SM if the SM is registered to an AP that has
RADIUS AAA Authentication Mode selected. For up to 2 minutes a
test pattern will be displayed until the server responds or times out.

Remote then Local: Authentication using the centralized RADIUS
server is attempted. If the server sends a reject message, then the
setting of Allow Local Login after Reject from AAA determines if the
local user database is checked or not. If the configured servers do not
respond within 2 minutes, then the local user database is used. The
successful login method is displayed in the navigation column of the
SM.

Either the same RADIUS server used for SM authentication and authorization can be used for
user authentication and accounting (access control), or a separate RADIUS accounting server
can be used. Indicate your network design under User Authentication Server.

If separate accounting server(s) are used, configure the IP address(es) and Shared Secret(s) in
the Accounting Server fields. The default Shared Secret is “CanopyAcctSecret”. Up to 3
servers can be used for redundancy. Servers 2 and 3 are meant for backup and reliability, not
splitting the database. If Server 1 doesn’t respond, Server 2 is tried, and then Server 3. If Server 1
rejects authentication, Server 2 is not tried.
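
The following is an added example, not part of the manual or of the Canopy software: a small Python model of the User Authentication Mode rules and the server failover order described above, useful for checking which credential store ends up deciding a login under a given configuration. The function names, the `Reply` values, and the treatment of a Server 2 reject and of a timeout in Remote mode are assumptions, since the manual does not state them.

```python
from enum import Enum

class Reply(Enum):
    ACCEPT = "accept"
    REJECT = "reject"
    NO_RESPONSE = "no response"  # no answer before the 2-minute timeout

def query_servers(replies):
    """Try Servers 1..3 in order; only silence moves on to the next one.

    Returns (reply, server_number). Treating a reject from Server 2 as final
    is an assumption; the manual states the rule for Server 1 only.
    """
    for number, reply in enumerate(replies[:3], start=1):
        if reply is not Reply.NO_RESPONSE:
            return reply, number
    return Reply.NO_RESPONSE, None

def resolve_login(mode, replies, local_ok, allow_local_after_reject=False):
    """Return (granted, decided_by) for one login attempt.

    mode: "Local", "Remote" or "Remote then Local".
    replies: constructed per-server outcomes, Server 1 first.
    local_ok: whether the credentials match the local user database.
    """
    if mode == "Local":
        return local_ok, "local"
    reply, number = query_servers(replies)
    if reply is Reply.ACCEPT:
        return True, f"RADIUS server {number}"
    if mode == "Remote":
        # Assumption: in Remote mode a reject and a timeout both deny access.
        return False, (f"RADIUS server {number}" if number else "timeout")
    if mode != "Remote then Local":
        raise ValueError(f"unknown mode: {mode!r}")
    if reply is Reply.REJECT and not allow_local_after_reject:
        return False, f"RADIUS server {number}"
    # Reject with local login allowed, or no server answered: local database.
    return local_ok, "local"

if __name__ == "__main__":
    N, A, R = Reply.NO_RESPONSE, Reply.ACCEPT, Reply.REJECT
    scenarios = [  # constructed cases: (mode, replies, local_ok, allow_local)
        ("Remote then Local", [N, A, N], False, False),
        ("Remote then Local", [R, A, N], True, False),
        ("Remote then Local", [R, A, N], True, True),
        ("Remote then Local", [N, N, N], True, False),
        ("Remote", [N, N, N], True, False),
    ]
    for mode, replies, local_ok, allow in scenarios:
        print(mode, [r.value for r in replies], allow,
              resolve_login(mode, replies, local_ok, allow))
```

In this model the local user database decides the login in two cases under Remote then Local: when no configured server answers, and when a server rejects while Allow Local Login after Reject from AAA is enabled. Local accounts therefore remain part of the access path and need the same password hygiene as the RADIUS accounts.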
