Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual
Page 334
334
Rockwell Automation Publication 1783-UM006A-EN-P - May 2014
Chapter 10
Configure an Access Point as a Local Authenticator
AP(config-radsrv)# user 00095125d02b password
00095125d02b group clerks mac-auth-only
AP(config-radsrv)# user 00095125d02b password
00095125d02b group cashiers
AP(config-radsrv)# user 00079431f04a password
00079431f04a group cashiers
AP(config-radsrv)# user carl password 272165 group
managers
AP(config-radsrv)# user vic password lid178 group
managers
AP(config-radsrv)# end
Configuring Other Access Points to Use the Local Authenticator
You add the local authenticator to the list of servers on the access point the same
way that you add other servers. For detailed instructions on setting up RADIUS
servers on your access points, see
Configuring RADIUS and TACACS+ Servers
On the access points that use the local authenticator, use the
radius-server
host
command to enter the local authenticator as a RADIUS server.
The order of access point attempts to use the servers matches the order that you
entered the servers in the access point configuration.
If you are configuring the access point to use RADIUS for the first time, enter the
main RADIUS servers first, and enter the local authenticator last.
Use the
radius-server deadtime
command to set an interval. During this
interval, the access point does not attempt to use servers that don’t respond. This
avoids the wait for a request to time out before trying the next configured server.
A server marked as dead is skipped by additional requests for the duration of
minutes that you specify, up to 1440 (24 hours).
IMPORTANT
If your local authenticator access point also serves client devices, you must
configure the local authenticator to use itself to authenticate client devices.
IMPORTANT
You must enter 1812 as the authentication port and 1813 as the accounting
port. The local authenticator listens on UDP port 1813 for RADIUS accounting
packets. It discards the accounting packets but sends acknowledge packets
back to RADIUS clients to prevent clients from assuming that the server is
down.