Configuring Security Settings for an AP

To configure security settings, complete the following steps in the Security tab:

1. Select one of the following security options from the Security Level based on your requirement:
   • 802.1X Authentication—Select 802.1X Authentication to enable 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. authentication.
     • Primary Server—Select a primary server from the Primary Server drop-down list.
     • Secondary Server—Select a secondary server from the Primary Server drop-down list.
     • MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. Authentication—Enable the toggle button for MAC authentication.
     • MAC Authentication Fail-Thru—Enable the toggle button to attempt 802.1X authentication is attempted when the MAC authentication fails.
   • MAC Authentication—Select this option to enable MAC authentication.
     • Primary Server—Select a primary server from the Primary Server drop-down list.
     • Secondary Server—Select a secondary server from the Primary Server drop-down list.

     The MAC Authentication option is set to Gateways if the Traffic forwarding mode is Tunnel or Mixed.

   • Visitors—Set the toggle button to enable captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication.
     • Type—Select a type of captive portal from the drop-down list. For example, External Captive Portal or Cloud Guest.
     • Captive Portal Profile—Select a captive portal profile from the Captive Portal Profile drop-down list.
     • Primary Server—Select a primary server from the Primary Server drop-down list.
     • Secondary Server—Select a secondary server from the Primary Server drop-down list.
   • Open—Set the toggle button to enable, to set security for open network.
2. Under the Advance Settings section, configure the following parameters:
   • Use IP for Calling Station ID—Enable the toggle button to configure client IP address as calling station ID.
   • Called Station ID Type—Select one of the following options:
     • Access Point Group—Uses the VC ID as the called station ID.
     • Access Point Name—Uses the host name of the AP as the called station ID.
     • VLAN ID—Uses the VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. ID of as the called station ID.
     • IP Address—Uses the IP address of the AP as the called station ID.
     • MAC address—Uses the MAC address of the AP as the called station ID.

     The Called Station ID Type detail can be configured even if the Use IP for Calling Station ID is set to disabled.

   • Reauth Interval—Specify the interval at which all associated and authenticated clients must be re-authenticated.
   • Accounting—Expand the Accounting accordion and select one of the accounting servers from the Accordion drop-down list.
3. Click Next.
   The Access details page is displayed.