Configuring ldap authentication – Brocade Mobility 7131N-FGR Access Point Product Reference Guide (Supporting software release 4.0.0.0-35GRN and later) User Manual

Page 216

Advertising
background image

204

Brocade Mobility 7131N-FGR Product Reference Guide

53-1001947-01

Configuring user authentication

6

CAUTION
If you have imported a Server or CA certificate, the certificate will not be saved when updating the
access point’s firmware. Export your certificates before upgrading the access point’s firmware.
From the access point CLI, use the admin(system.cmgr)> expcert command to export the
certificate to a secure location.

4. Use the Radius Client Authentication table to configure multiple shared secrets based on the

subnet or host attempting to authenticate with the Radius server. Use the Add button to add
entries to the list. Modify the following information as needed within the table.

5. Click Apply to save any changes to the Radius Server screen. Navigating away from the screen

without clicking Apply results in all changes to the screen being lost.

6. Click Undo Changes (if necessary) to undo any changes made. Undo Changes reverts the

settings displayed on the Radius Server screen to the last saved configuration.

7. Click Logout to securely exit the Access Point applet. A prompt displays confirming the logout

before the applet is closed.

Configuring LDAP authentication

When the Radius Data Source is set to use an external LDAP server (see

“Configuring the Radius

Server”

on page 202), the LDAP screen is used to configure the properties of the external LDAP

server.

To configure the LDAP server:

Server Certificate

If you have a server certificate from a CA and wish to use it on the
Radius server, select it from the drop-down menu. Only certificates
imported to the access point are available in the menu. For
information on creating a certificate, see

“Creating self certificates

for accessing the VPN”

on page 70.

CA Certificate

You can also choose an imported CA Certificate to use on the
Radius server. If using a server certificate signed by a CA, import
that CA's root certificate using the CA certificates screen (for
information, see

“Importing a CA certificate”

on page 69). After a

valid CA certificate has been imported, it is available from the CA
Certificate drop-down menu.

Subnet/Host

Defines the IP address of the subnet or host that will be
authenticating with the Radius server. If a WLAN has been created
to support mesh networking, then enter the IP address of mesh
client bridge in order for the MU to authenticate with a base
bridge.

Netmask

Defines the netmask (subnet mask) of the subnet or host
authenticating with the Radius server.

Shared Secret

Click the Passwords button and set a shared secret used for each
host or subnet authenticating against the RADIUS server. The
shared secret can be up to 7 characters in length.

Advertising
Popular Brands
Popular manuals