Knowledge Base

How to configure 802.1X Authentication on Dell PowerConnect W-IAPs for Employee or Voice WLANs.



Article summary: This article explains how to setup external 802.1X Authentication on Dell PowerConnect W-IAPs for Employee or Voice WLANs.


To configure 802.1X authentication for Employee or Voice networks, perform the following steps.

1) Under Network in the IAP GUI, click New to create a new SSID or click an existing SSID and then click edit to configure a previously existing SSID.

2) Follow the setup wizard until you get to step 3 Security

3) On the left underneath Security Level, click Enterprise.

4) In Key management, select the proper key type for encryption to match the Radius Server

5) In Authentication server 1 click the dropdown menu and select New to create a radius server profile. When done click Ok.

a. Name: The alias you wish to give the Radius Server

b. IP address: The IP address of the Radius Server

c. Shared Key and Retype key: The shared key of the Radius Server

d. NAS IP address: The Virtual Controller IP address.

6) If using two Radius Servers, follow the steps provided in Step 5 for Authentication server 2.

7) If Load Balancing between the two Radius Servers is desired, select enabled under Load balancing.

Note: load balancing is not in a round robin fashion. All authentication requests get processed by server 1, and load balances to server 2 if there are outstanding authentication sessions on server 1.

8) If using MAC authentication as well, check Perform MAC authentication before 802.1X

9) Uppercase support will allow the IAP to send uppercase letters.

10) To configure accounting servers, follow the same steps from step 5, except under Accounting. You can either use the same servers as radius, or configure separate servers.

11) Click next and finish the setup wizard.

12) Click System in the upper right hand corner of the main page.

13) Make sure Dynamic RADIUS proxy is enabled. This will allow the IAPs to request authentication by using their Virtual controller IP address.

14) On your Radius server, make sure the Virtual controller IP address is listed as an accepted authenticator.


Configuring IAPs internal 802.1X/MAC authentication server

The IAP can act as the 802.1X or MAC based authenticator with its own database. It can support up to 512 user entries (the IAP-9X series supports up to 256). Perform the following steps to configure the internal database.

1) Click Security in the upper right hand corner of the main page.

2) Navigate to Users for Internal Server.

3) This is where you add the username and password for user accounts to get added to the internal server. After inputting the credentials click Add and it adds that user to the database. Click OK to save the changes.

Note: To add a MAC based authentication user, input the MAC address with no colons in both the Username and Password (and password retype) sections.






Article ID: HOW10535

Last Date Modified: 06/09/2016 06:52 AM


Rate this article

Accurate
Useful
Easy to understand
Was this article helpful?
Yes No
Send us feedback
Comments cannot contain these special characters: <>()\
Sorry, our feedback system is currently down. Please try again later.

Thank you for your feedback.