User's Manual
MDS 05-6302A01, Rev. B MDS Mercury 16E Technical Manual 41
4.5 RADIUS Server Configuration
Using the Configuration - Security page, each Mercury transceiver can be
configured with one or two IP addresses for RADIUS servers. The
RADIUS server is used for user authentication and device
authentication. The IP address, port, shared secret, and authentication
protocol can be configured for each RADIUS server. If two servers are
configured, the device will use the first server for authentication
processes. However, if ICMP communication fails to the first server, the
Mercury transceiver will change over to the second server.
Invisible place holder
Figure 30. Configuration - Security Screen (RADIUS Portion)
Creation of X.509 Certificates
Each transceiver can be loaded with a set of X.509 digital certificates in
DER format. These certificates are used in the authentication process
when joining a WiMAX network. The certificates can be loaded using
TFTP, FTP, or SFTP, or a USB flash drive as described below. Three
certificates are supported: Root CA (Certificate Authority), the Device's
public certificate, the Device's Private Key. The Common Name (CN)
for the certificate must be the serial number for the Mercury transceiver.
A domain name can be appended to the serial number for the Common
Name, for example, 2047711.mydomain.com.
Load X.509 Certificates
The X.509 certificates can be loaded on the unit using TFTP, FTP,
SFTP, or a USB flash drive using the
Configuration - Security page. Select
the appropriate File Media as TFTP, FTP, SFTP, or USB. If using one
of the network protocols, specify the IP address of the server and the
other necessary protocol parameters.