Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9dead57811b73b66-e58a0964-43dc4d40-a9278286-7998264419995c36ae653ed7"><ac:plain-text-body><![CDATA[

AUTH

Notice

[WLAN-1] Associated WLAN station 64:b9:e8:a0:2e:a4 []

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="0084c2ef15c35b98-abbbcecc-417c45ef-8b92828e-a590c2658e2cad53bad033ac"><ac:plain-text-body><![CDATA[

AUTH

Notice

[WLAN-1] WLAN station 64:b9:e8:a0:2e:a4 [] authenticated via 802.1x [user name is certuser-2010-001@restena.lu]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="8a6651a450c2fa60-1b2d2c80-45ab46c5-9a67b3fa-9dba039cb375bfbbdb603f9a"><ac:plain-text-body><![CDATA[

AUTH

Notice

[WLAN-1] Key handshake with peer 64:b9:e8:a0:2e:a4 successfully completed

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="3d9d92f1253e8246-f583e6cb-40b440c5-b01a9402-21b32ab8376003278902a7dc"><ac:plain-text-body><![CDATA[

AUTH

Notice

[WLAN-1] Connected WLAN station 64:b9:e8:a0:2e:a4 []

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="541f459713bc935f-9bb4d1b6-4f72430e-be93be98-ddbab7f65d6881c1ed28e9fd"><ac:plain-text-body><![CDATA[

AUTH

Notice

[WLAN-1] Determined IPv4 address for station 64:b9:e8:a0:2e:a4 []: 158.64.3.24

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="4f6039a7208c764f-5818bd45-4ba04823-ba2ab82e-660b7011b0e6db7ea5f5a27f"><ac:plain-text-body><![CDATA[

AUTH

Notice

[WLAN-1] Determined IPv6 address for station 64:b9:e8:a0:2e:a4 []: 2001:0a18:0000:0403:66b9:e8ff:fea0:2ea4

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="31a981aba4e26347-ae4007f0-47f3421b-9b9eb9cc-9259b1ecf03acf302bb52e0d"><ac:plain-text-body><![CDATA[

AUTH

Notice

[WLAN-1] Determined IPv6 address for station 64:b9:e8:a0:2e:a4 []: fe80:0000:0000:0000:66b9:e8ff:fea0:2ea4

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d786e89f2945f9a7-f926b981-4c9c416f-894fbc0a-c53ae5240c1a1fd67d968f38"><ac:plain-text-body><![CDATA[

AUTH

Notice

[WLAN-1] Disassociated WLAN station 64:b9:e8:a0:2e:a4 [] due to station request (Disassociated because sending station is leaving BSS

]]></ac:plain-text-body></ac:structured-macro>

...

A recurring question is "Why is Client EAP method irrelevant?" The answer is: this setting refers to which authentication method the access point should use when it is in Client mode (i.e. it acts as a supplicant to connect to another access point). When in Access Point mode, its role is by design limited to transparently pass all authentication methods to a RADIUS server.

B.2.6 Using

...

RADIUS/TLS instead of RADIUS (optional)

LANCOM devices have a RadSec RADIUS/TLS client built-in. It can be used instead of standard RADIUS for the uplink to an IdP. Please note that most of the value of RADIUS/TLS plays out in long-haul connections, like from an eduroam IdP server to his federation. If your Access Point is located closely to your RADIUS server, using RADIUS is sufficient and you need not follow the steps below.

To use RADIUS/TLS in the eduroam contextTo use RadSec, you must have been given a issued an eduroam Service Provider X.509 certificate from your NROfederation operator. First,
upload this certificate

When you have your certificate, the private key, and the eduGAIN CA certificate (which can be downloaded athttp://sca.edugain.org/cacert/eduGAINCA.pem) via the device's "File Upload" menu: Image Removed
Then, go to Expert Configuration>Setup>IEEE802.1X>RADIUS Server certificate that issued you your certificate, you need to upload these via the device menu "File Management" > "Upload Certificate or File".

Upload them using the File Type "RADSEC ..." as in the screenshot below.

Then, go to "LCOS Menu Tree" > "Setup" > "IEEE802.1X" > "RADIUS Server" and set the Protocol option to
RADSEC: Image Removed
The same option is also present in the RADIUS Accounting server menu that was discussed above. When
RadSec is to be used, we strongly suggest to use it for both authentication and accounting"RADSEC", as in the screenshot below.