Understanding local authentication, Chapter 10, Configure an access point as a local authenticator – Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual

Page 319: Configure an access point as a local, Chapter

Advertising
background image

Rockwell Automation Publication 1783-UM006A-EN-P - May 2014

319

Chapter

10

Configure an Access Point as a Local
Authenticator

This chapter describes how to configure the access point as a local authenticator
to serve as a stand-alone authenticator for a small wireless LAN or to provide
back up authentication service. As a local authenticator, the access point performs
LEAP, EAP-FAST, and MAC-based authentication for up to 50 client devices.

Understanding Local
Authentication

Many small wireless LANs that could be made more secure with 802.1x
authentication don’t have access to a RADIUS server. On many wireless LANs
that use 802.1x authentication, access points rely on RADIUS servers housed in a
distant location to authenticate client devices, and the authentication traffic must
cross a WAN link. If the WAN link fails, or if the access points cannot access the
RADIUS servers for any reason, client devices cannot access the wireless network
even if the work they wish to do is entirely local.

To provide local authentication service or back-up authentication service in case
of a WAN link or a server failure, you can configure an access point to act as a
local authentication server. The access point can authenticate up to 50 wireless
client devices by using LEAP, EAP-FAST, or MAC-based authentication. The
access point performs up to 5 authentications per second.

You configure the local authenticator access point manually with client
usernames and passwords because it does not synchronize its database with the
main RADIUS servers. You can also specify a VLAN and a list of SSIDs that a
client is allowed to use.

Topic

Page

Understanding Local Authentication

319

Configuring a Local Authenticator

320

Configuring EAP-FAST Settings

336

Limiting the Local Authenticator to One Authentication Type

339

Unblocking Locked Usernames

339

Using Debug Messages

341

TIP

If your wireless LAN contains only one access point, you can configure the
access point as both the 802.1x authenticator and the local authenticator.
However, users associated to the local authenticator access point can notice a
drop in performance when the access point authenticates client devices.

Advertising
Popular Brands
Popular manuals