HP ProCurve 700wl Series - Secure Access Configuration Guide for Wireless Clients (April 2005) Part One: Browser-Based Logons

Figure 2.18 – Client Detail Page

Configuring Scenario 3: Browser-based Logon using RADIUS Authentication

Scenario 3 consists of a wireless, Static WEP, Windows 2000 client authenticating via RADIUS.

In this example, we will configure the ACS to authenticate users against Internet Authentication

Service (IAS), Microsoft’s RADIUS implementation, and interpret group affiliation returned by

the server as the user’s Identity Profile. The steps required are:

Note: Scenario 3 requires that you create a user account in Active Directory and associate it

with a group (see Scenario 2 for details).

• On the Enterprise Server, create a new RADIUS client (in this case, the ACS).

• On the Enterprise Server, create a Remote Access Policy for authentication.

• On the ACS, define a RADIUS Authentication Service and associate it to the System

Authentication Policy.

• On the ACS, configure the Authenticated Access Policy to allow clients to use Real IP

addresses (via DHCP).

• On the AP 420, configure Static WEP wireless parameters.

• Connect Windows 2000 Client, logon using browser-based logon and verify

authentication.

1) On the Enterprise Server, create a new RADIUS client.

Note: The Enterprise Server is configured as a Domain Controller named

“samcorp.com”.