User's Guide
Table Of Contents
USER GUIDE 
The user can enter RADIUS (Remote Authentication Dial In User Service) Server parameters 
here or on the next tab (Security Server). For dynamic encryption, the Access/One Network 
Nodes communicate with an authentication server to obtain encryption keys to use. 
•  RADIUS Server: Specify the Host name or IP address of the RADIUS Server. 
•  RADIUS Port: Specify the RADIUS port number. 
•  RADIUS Secret: Specify the RADIUS Server’s shared secret. The Network Node will 
use this server secret when it forwards authentication credentials to the RADIUS Server. 
•  Key Source: Specify where the RADIUS keys are located. Selecting ‘Local’ will cause 
the Network Node to use the static keys configured in the previous section. If both 
checkboxes are selected the Network Node will use the local key unless it receives a key 
from the RADIUS Server. If ‘Remote’ is selected, the Network Node will use only keys 
from the RADIUS Server. 
Click the ‘Update’ button at the bottom of the page to save any changes made to the settings in 
this page. Click the ‘Apply Configuration’ tab to make the configuration information active in 
the Access/One Network cloud. 
WIRELESS UPLINK (NETWORK CONNECT) SECURITY 
The Access/One Network provides WEP and AES ciphers for encryption and 802.1x remote 
authentication to protect wireless stations associated with each Network Node. The inter-Node 
Network Connect wireless uplink is protected with an AES static key to prevent eavesdropping. 
The factory configured default key is hidden from view to retain secrecy for a basic network. 
However, this key may be changed by using the ‘Network Connect Security Key’ field to allow 
each network to have a unique key. If additional security is required, a different Network 
Connect Security Key may be provisioned for each Network Connect module. This is done by 
creating an Access Control List (ACL) entry in the receiving Node that contains the MAC 
address of the Network Connect Node and a specific unique key. 
The Network Connect solution for Access/One Network prevents unauthorized wireless 
connections from being established to the network by blocking user traffic in two scenarios: 
1.  If the Network Connect is configured for the default cloud name (AccessOne), 
Manager/One forces the Administrator to approve/admit the Network Node to 
the cloud before user traffic is bridged to the network. 
2.  If the two Network Nodes that are wirelessly connected (via the uplink) have 
different Network Connect Security Keys configured. 
In either instance, the Network Connect is remotely manageable within Manager/One to allow 
configuration changes necessary to update the Network Connect parameters. However, if 
Network Connect is configured for a new security key, but the receiving Network Node still has 
the default security key, remote management will not be possible. 
33 










