Manualshelf

Management and Configuration Guide (Includes ACM xl) 2005-12

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
161162163164165166167168169170
5-16 ProCurve Secure Access 700wl Series Management and Configuration Guide
Configuring Authentication
Figure 5-5. The Edit Authentication Service - 802.1X Page
Along with the authentication results, you can obtain the user’s group affiliation from the
authentication process. The returned group information will be used to match the user to an
Identity Profile in the Rights Assignment table. This assumes you have created Identity Profiles
that match the groups that may be returned from the authentication process.
Step 5. The information required to configure the RADIUS service for 802.1X authentication is defined
in Table 5-6 as follows:
Step 6. Click Save when you have finished.
Configuring the 802.1X/WPA Authentication Service
Unlike the 802.1X passive authentication service, with 802.1X/WPA, the 700wl Series system
participates actively in Wi-Fi Protected Access (WPA) and IEEE’s 802.1X standards to offer a fully
encrypted connection among WPA and 802.1X compliant products. The Wi-Fi Protected Access (WPA)
standard uses Temporal Key Integrity Protocol (TKIP) encryption and 802.1X technology. TKIP uses
dynamic keys to encrypt data between clients and access points. The 802.1X/WPA Authentication
Service uses the 700wl Series built-in RADIUS server.
Table 5-6. RADIUS Configuration for 802.1X Authentication
Field/Option Description
RADIUS Port The port number for the RADIUS server. The default port number is 1812.
RADIUS Secret The shared secret that allows access to the RADIUS server.
This must match exactly the secret configured on your RADIUS server.
Confirm RADIUS Secret The shared secret, entered a second time to confirm.
Group Identity Field (Optional). The name of the attribute in the database that contains the users
group membership information. The returned group information is used to
determine the Identity Profile that this user matches.
If you use this option, the attribute name you enter must match a valid
attribute that exists on the RADIUS server.