Page 61 / 81 Scroll up to view Page 56 - 60
56
1.Enable DHCP server.
2.WAN setting: static IP address.
3.LAN IP address: 192.168.1.254/24.
4.Set RADIUS server IP.
5.Set RADIUS server shared key.
6.Configure WEP key and 802.1X setting.
The
following
test
will
use
the
inbuilt
802.1X
authentication
method
such
as
,EAP_TLS,
PEAP_CHAPv2(Windows XP with SP1 only), and PEAP_TLS(Windows XP with SP1 only) using the Smart
Card or other Certificate of the Windows XP Professional.
3. DUT and Windows 2000 Radius Server Setup
3-1-1. Setup Windows 2000 RADIUS Server
We have to change authentication method to MD5_Challenge or using smart
card or other certificate on RADIUS server according to the test condition.
3-1-2. Setup DUT
1.Enable the 802.1X (check the
Enable checkbox
).
2.Enter the RADIUS server IP.
3.Enter the shared key. (The key shared by the RADIUS server and DUT).
4.We will change 802.1X encryption key length to fit the variable test
condition.
3-1-3. Setup Network adapter on PC
1.Choose the IEEE802.1X as the authentication method. (Fig 2)
Note.
Figure 2 is a setting picture of Windows XP without service pack 1. If users upgrade to
service pack 1, then they can
t see MD5-Challenge from EAP type list any more, but they
will get a new Protected EAP (PEAP) option.
2.Choose MD5-Challenge or Smart Card or other Certificate as the EAP
type.
3.If choosing use smart card or the certificate as the EAP type, we select to
use a certificate on this computer. (Fig 3)
Page 62 / 81
57
4. We will change EAP type to fit the variable test condition.
Figure 2: Enable IEEE 802.1X access control
Page 63 / 81
58
Figure 3: Smart card or certificate properties
4. Windows 2000 RADIUS server Authentication testing:
4.1DUT authenticate PC1 using certificate. (PC2 follows the same test procedures.)
1. Download and install the certificate on PC1. (Fig 4)
2. PC1 choose the SSID of DUT as the Access Point.
3. Set authentication type of wireless client and RADIUS server both to
EAP_TLS.
4. Disable the wireless connection and enable again.
5. The DUT will send the user's certificate to the RADIUS server, and then
send the message of authentication result to PC1. (Fig 5)
6. Windows XP will prompt that the authentication process is success or fail
and end the authentication procedure. ( Fig 6)
7. Terminate the test steps when PC1 get dynamic IP and PING remote host
successfully.
Page 64 / 81
59
Figure 4: Certificate information on PC1
Figure 5: Authenticating
Page 65 / 81
60
Figure 6: Authentication success
4.2
DUT authenticate PC2 using PEAP-TLS.
1. PC2 choose the SSID of DUT as the Access Point.
2. Set authentication type of wireless client and RADIUS server both to
PEAP_TLS.
3. Disable the wireless connection and enable again.
4.The DUT will send the user's certificate to the RADIUS server, and then
send the message of authentication result to PC2.
5. Windows XP will prompt that the authentication process is success or fail
and end the authentication procedure.
6. Terminate the test steps when PC2 get dynamic IP and PING remote host
successfully.
Support Type:
The router supports the types of
802.1x Authentication:
PEAP-CHAPv2 and PEAP-TLS.
Note.
1.PC1 is on Windows XP platform without Service Pack 1.
2.PC2 is on Windows XP platform with Service Pack 1a.
3.PEAP is supported on Windows XP with Service Pack 1 only.
4.Windows XP with Service Pack 1 allows 802.1x authentication only when data encryption function is
enable.

Rate

4.5 / 5 based on 2 votes.

Popular MSI Models

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top