D-Link DSA-3100 User Manual download pdf (Page 49)

DSA-3100 Airspot Public/Private Gateway User Manual

802.1x: DSA-3100 support integrated single sign-on when using combine with the 802.1x

enabled APs. By using the integrated RADIUS proxy function in DSA-3100, users can use the

EAP methods such as EAP-MD5 or EAP-TLS to login and get the service depending on the

Public LAN methods which the backend RADIUS server and APs support.

The assumption is that user had configured a EAP enabled RADIUS server like Microsoft

Internet Public LAN Service on Windows 2000 or .NET Server 2003. If EAP-TLS is required for

the dynamic key exchange, a CA integrated with Microsoft Active Directory or an external

trusted CA is also required. Of course the user should get the certificate from the CA before

he/she connects to the Wireless LAN.

We suggest the system administrator perform the Public LAN test and make sure everything is

correct before you connect the network to DSA-3100.

Note: The function of 802.1x can only be enabled when the user Public LAN method was set

to “RADIUS”

There are some settings should be configured at these three components in the network:

 RADIUS server:

System administrator should create a client account for DSA-3100 first and

define the required secret (We suggest you to use the one differ than the ones

APs using).

 DSA-3100:

Please select the manual in “Home->User Management” then select the Public

LAN method to “RADIUS”.

 Access Points:

Please specify the Primary and Secondary RADIUS server IP address (Some

APs may have different wording such as IAS server or Public LAN server etc.) to

the IP address of “Public LAN” port on DSA-3100.

The corresponding secrets for each AP should match the settings in DSA-3100

just as the values, as shown in sample figure below:

1 2 ... 44 45 46 47 48 49 50 51 52 53 54 ... 86 87

No comments

D-Link DSA-3100 User Manual Page 49