Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual

408

Rockwell Automation Publication 1783-UM006A-EN-P - May 2014

Chapter 14

Configuring RADIUS and TACACS+ Servers

• Turnkey network security environments that applications support the

RADIUS protocol, such as an access environment that uses a smart card
access control system.

In one case, RADIUS has been used with Enigma’s security cards to
validate users and to grant access to network resources.

• Networks already using RADIUS.

You can add an access point containing a RADIUS client to the network.

• Networks that require resource accounting.

You can use RADIUS accounting independently of RADIUS
authentication or authorization. The RADIUS accounting functions
allow data to be sent at the start and end of services, showing the amount
of resources (such as time, packets, bytes, and so forth) used during the
session. An Internet service provider can use a freeware-based version of
RADIUS access control and accounting software to meet special security
and billing needs.

RADIUS is

not suitable in these network security situations:

• Multiprotocol access environments.

RADIUS does not support AppleTalk Remote Access (ARA), NetBIOS
Frame Control Protocol (NBFCP), NetWare Asynchronous Services
Interface (NASI), or X.25 PAD connections.

• Switch-to-switch or router-to-router situations.

RADIUS does not provide two-way authentication. RADIUS can be used
to authenticate from one device to a non-Cisco device if the non-Cisco
device requires authentication.

• Networks using a variety of services. RADIUS generally binds a user to

one service model.