|
To enhance wireless security, you may wish to create a list of authorized wireless computers that may access the wireless network. Authorized stations will be identified by the unique MAC Address of their wireless interface. To perform this type of authentication, you can use either one of the following options:
MAC Authentication Tab
The MAC Authentication tab allows you to build a list of authorized stations that will be stored inside each AP-3 within your network.
- MAC Access Control Status. Select Enable to allow MAC Address authentication, or select Disable to turn off the MAC Address authentication feature.
- MAC Access Control Operation. Select Allow to permit access by only the devices specified in the MAC Access Control Table. In contrast, select Deny to prevent access by devices listed in the MAC Access Control Table. This only takes effect when the MAC Access Control Status is enabled.
 |
For larger networks that include multiple AP-3 devices, you may
prefer to maintain this list on a centralized location using a RADIUS
Server.
|
MAC Access Control Table
To add an entry, click Add, and then specify the MAC Address and related comment.
- MAC Address. Enter the MAC Address of the device.
- Comment. Enter related information.
To edit or delete an entry, click Edit. Edit the information, or select Enable, Disable, or Delete from the Status pull-down menu.
RADIUS Authentication Tab
If your network includes a RADIUS Server, you can use this tab to define the IP Address of the server that contains a central list of MAC Address values that identify the authorized stations that may access the wireless network. You must specify information for at least the Primary RADIUS server. The Backup RADIUS server is optional.
|
Problems with RADIUS Server configuration or RADIUS
Authentication should be referred to the RADIUS Server developer.
|
- RADIUS MAC Access Control Status. Select Enable to provide authentication by the RADIUS server. Select Disable to prevent use of the RADIUS server.
- Authorization Lifetime (seconds). Enter the time, in seconds, each client session may be active before being automatically re-authenticated.
- Shared Secret, Confirm Shared Secret. Enter the password in both fields. The password for the user on the RADIUS Server must be the same as the Shared Secret.
RADIUS Server
- Server Status. Select Enable or Disable to control the Primary (or Backup) RADIUS server.
- IP Address. Enter the IP Address of the RADIUS server. The AP-3 will send the client MAC Address to the RADIUS Server as the "User Name", using the following format: 00601D - 123456. That is, the first six characters of the MAC Address, then the remaining six characters separated by a dash.
- b>Destination Port. Enter the RADIUS Authentication port. The default value is 1812.
- Response Time (seconds). Enter the maximum time, in seconds, to wait for RADIUS to respond with authentication status.
- Maximum Retransmissions. Enter the maximum number of times an authentication may be retransmitted.
|
