Nokia A032 Manual page 24

24
The authentication procedure is initiated by the
station, which sends
frame to the AP. The AP builds a Radius
containing a Radius
Request
derived as follows:
user-password
• The
user-name
the station expressed as a 12-character
hexadecimal string or the unit name if this
has been supplied by the station.
The A040 adapter sends its unit name as a
vendor-specific IEEE802.11 information
element in the Authentication Req message.
• The
user-password
, a
password shared secret
Request Authenticator included in the
Radius packet (see RFC2138 section 5.2 for
the password generation algorithm) using
the MD5 hashing function. The
and
shared secret
shared_secret' command on the AP CLI.
Note that the password, being a value
entered at into the AP configuration, is the
same for all stations.
Using its copy of the
the Radius server can check that the
supplied is valid. The
password
the MAC-address entries in the Radius server
configuration should be set to same value as
was entered on the APs. Also, the
must be the same in all the APs
shared secret
using the Radius server.
When the Radius server receives the
, it takes the user-name and looks up the
Request
entry for the station. It then recalculates its
own copy of the
user-password
supplied
user-password
builds an
Access-Accept
Authentication Req
user-name
is either the MAC address of
is generated from a
and a random
password
are defined via the 'set
and
shared secret
password
password
and if the
and its own match it
message to send back to
Nokia A032 Addendum
MAC
Access-
and
,
password
user-
for all
and
Access-