This tutorial explains how to setup radius server authentication for a network. The requirement is outlined below.
An enterprise has a mix of LAN and Wireless LAN users. The enterprise wishes to setup a radius server based authentication for its users. The necessary equipments, software and hardware along with necessary services have to be identified. Provide an appropriate solution.
The enterprise should buy switches and wireless access points which support 802.1x authentication. After purchasing the products, the client computers should be installed and configured with 802.1x supplicants. Windows computers can use the native windows supplicants available. Operating systems like Windows XP, Windows 7 have the windows supplicants. Linux computers can be installed with Open X Supplicant, which is a free download. After the 802.1x supplicants are configured, the necessary ports on the switch should be configured for 802.1x authentication. The Wireless access points should also be configured as a 802.1x authenticator.
On Windows platform ( Windows 2003) , IAS is the service which is used as a radius server. So if the enterprise is planning to use a Windows based radius server authentication, a Windows 2003 operating system with IAS service can be setup. IAS can be configured and setup to read username and password info from Windows Active directory. The users can authenticate with the domain username and password on the radius server. On a linux platform, free radius, which is a free download can be used as a radius server. Local username and password databases can be created for authentication. Cisco ACS server software can also be used as a radius server in a Windows based platform.
Once the radius servers are identified, the switch and the wireless access point should be configured as radius clients. The IP address of the radius servers should be configured on the radius clients with a shared key for secure access.
Ebooks & Guides – Click here