Configuring WPA/WPA2 Enterprise (RADIUS) 111
A Wireless Client Settings and RADIUS Server Setup
IEEE 802.1X clients should now be able to connect to the access point using their TLS
certificates. The certificate you installed is used when you connect, so you will not be
prompted for login information. The certificate is automatically sent to the RADIUS server for
authentication and authorization.
Configuring WPA/WPA2 Enterprise (RADIUS)
Wi-Fi Protected Access 2 (
WPA2
) with Remote Authentication Dial-In User Service
(
RADIUS
) is an implementation of the Wi-Fi Alliance IEEE
802.11i
standard, which includes
Advanced Encryption Standard (
AES
), Counter mode/CBC-MAC Protocol (
CCMP
), and
Temporal Key Integrity Protocol (
TKIP
) mechanisms. This mode requires the use of a
RADIUS server to authenticate users.
This security mode also provides backwards-compatibility for wireless clients that support
only the original
WPA
.
If you configure the access point to use this security mode with an external RADIUS server,
you must configure the client stations to use WPA/WPA2 Enterprise (RADIUS) and
whichever security protocol your RADIUS server is configured to use.
WPA/WPA2 Enterprise (RADIUS) Client Using EAP/PEAP
If you have an external RADIUS server that uses EAP/PEAP, you will need to (1) add the
access point to the list of RADIUS server clients, and (2) configure your “WPA/WPA2
Enterprise (RADIUS)” wireless clients to use PEAP.
If you configured the access point to use WPA/WPA2 Enterprise (RADIUS) security mode
and an external RADIUS server that uses EAP/PEAP, perform the following steps.