9 802.1x authentication settings in the cli, 1 802.1x authentication server settings, 1x authentication settings in the cli – Fortress Technologies ecure Wireless Access Bridge User Manual

Page 107: 1x authentication server settings

Advertising
background image

Fortress Bridge: Command-Line Interface

97

6.4.9

802.1X Authentication Settings in the CLI

6.4.9.1

802.1X Authentication Server Settings

Support for 802.1X authentication on the Fortress Bridge,
whether for wired or wireless devices, requires the use of an
external 802.1X authentication service. Those WPA and WPA2
Security Suite settings that do

not

use PSK (pre-shared key

mode), also require the use of an 802.1.X authentication
server. (Possible VAP Security Suite settings are described in
detail in Section 3.3.4.5; viewing and changing current settings
through the Bridge CLI is described in Section 6.4.3.1.)

If you are using the

external

option for non-802.1X

authentication (described in Section 6.4.8, above), the 802.1X
authentication service can run on the same external server, but
you must configure the server separately for each function.

Because 802.1X authentication is used by both wired and
wireless devices connecting to the Fortress Bridge, the server
can be configured in either the Bridge CLI’s GW (Gateway)
mode or its AP (access point) mode. Although the two modes
use different command arguments to access 802.1X server
settings, they apply to the same 802.1X service. (Refer to
Section 6.1.1 for more detail on Bridge CLI user modes.)

In AP mode, use the

radius

argument with the show

command to view the server settings:

[AP]>

show radius

[RADIUS Info]
Server IP: 127.0.0.1
Server Port: 1812
Server Secret: password

In AP mode, use the

set

command with just the

radius

argument to configure the 802.1X server interactively. The
Bridge CLI presents one field at a time, with the current setting
displayed in parentheses. You can either enter a new value for
a given field or strike

Enter

to leave the value unchanged and

go on to the next field.

[AP]>

set radius

RADIUS server IP (127.0.0.1):

123.45.6.78

[OK]
Reboot is required when changing RADIUS server address
RADIUS server port (1812):
RADIUS server secret (password):

drowssaPw3n

[OK]
Reboot is required when changing RADIUS server secret
Reboot is required. [Y|N]?

Alternatively, in AP mode, you can use the

set radius

command with valid switches and arguments to change 802.1X
server settings:

[AP]>

set radius -server

<serverIPaddr>

-port

<port#>

-secret

<sharedkey>

Advertising
Popular Brands
Popular manuals