Black Box LWN600CM-1 Podręcznik Użytkownika Pobierz pdf (Strona 115)

724-746-5500 | blackbox.com

Page 115

Chapter 9: Common Configuration Examples

Data encryption: AES

Enable IEEE 802.1X authentication for this network: (select)

EAP type: Protected EAP (PEAP)

Authenticate as computer when computer information is available: (clear)

Authenticate as guest when user or computer information is unavailable: (clear)

Validate server certificate: (clear)

SelectAuthenticationMethod:Securedpassword(EAP-MSCHAPv2)

Automatically use my WIndows logon name and password (and domain if any): (clear)

2. View the available SSIDs in the area and select corp-wifi.

3. Click “Connect.”

4.Whenthepromptappearsforyoutoselectacertificateorenterothercredentialstovalidateyouridentity,clicktheprompt,

enter the user name and password stored on the RADIUS server, and then click “OK.”

If the supplicant is on a Macintosh computer and is not on a domain, view the available SSIDs in the area, and select corp-wifi.

Then click Join Network, and accept the certificate that the RADIUS server provides, assuming it is from a trustworthy source.

After the RADIUS server validates your identity, the client connects to the WLAN.

9.3 Example 3: Providing Guest Access through a Captive Web Portal

A captive Web portal is a way to control network access by requiring users to authenticate their identity or complete a registration

form before assigning them network and user profile settings that allow them network access beyond the SmartPath AP with

which they associated. A captive web portal provides registered users with network access while containing unregistered users.

Because the Black Box captive web portal feature is very flexible, you will have a number of choices to make when configuring it.

Several of these are examined first—“Registration Types,” "Providing Network Settings", and "Modifying Captive Web Portal

Pages"—and then a complete configuration example is presented.

9.3.1 Registration Types

There are five types of registration (four are shown in Figure 9-7) that a captive Web portal can require of users:

Self-Registration: With this option, users must complete a registration form and accept a network use policy before being allowed

to pass through the captive Web portal. This is a good choice when you cannot know in advance who will be attempting to make

a network connection through the captive Web portal and simply want to keep a record of the users, or if user authentication is

unimportant.

User Authentication: With this option, users must enter and submit a valid user name and password to log in. The SmartPath AP

acts as a RADIUS authenticator or RADIUS client and forwards the submitted login credentials to a RADIUS server for

authentication. The RADIUS authentication server can either be an internal server on a SmartPath AP or an external RADIUS

server on the network. This is a good choice when you can set up a RADIUS authentication server with user accounts before the

users attempt to access the network.

Both (Auth/Self-reg): This is a combination of the previous two registration types. Users can authenticate themselves by

submitting a user name and password or complete and submit a registration form.

Private PSK Server: This option automatically assigns users with a private PSK after they either self-register or authenticate

themselves.

Use Policy Acceptance: With this option, the user is presented with a network use policy, and only has to click Accept to gain

network access.

ExternalAuthentication:SmartPathAPsredirectunregisteredusers’HTTPandHTTPStraffictoacaptiveWebportalonan

external server, such as the amigopod Visitor Management Appliance.

1 2 ... 110 111 112 113 114 115 116 117 118 119 120 ... 191 192

Komentarze do niniejszej Instrukcji

Brak uwag

Black Box LWN600CM-1 Podręcznik Użytkownika Strona 115

Komentarze do niniejszej Instrukcji