Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless Features

WPA in action - AP "Enterprise"

Updated June 30, 2003

Figure 3 shows the Belkin AP when I selected the WPA (with RADIUS server) option.

WPA (Radius) Authentication

Figure 3: WPA (Radius) Authentication

You can see that setup for this "Enterprise" mode of WPA isn't that much more complicated. All you need to enter is the IP address of the RADIUS server, its port number (the default of 1812 is entered for you), and the RADIUS key (similar to the WPA password).

Belkin also lets you specify the Re-Key Interval, which is the rate that the AP or RADIUS server pushes a new Group Key out to all clients. The Re-Keying process is part of WPA's enhanced security and is the WPA equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis. Setting of the Re-Key Interval is also supported by some APs in WPA-PSK mode, while others - like the Belkin - rely on a non-adjustable Re-Key Interval instead.

The configuration of the RADIUS server is beyond the scope of this NTK, but basically, it replaces the single password with per-user authentication. Figure 4 illustrates this mode, where the AP just passes the authentication request to a RADIUS server instead of performing the authentication itself. The server then checks the user's credentials against its records, grants or denies network access accordingly, and then issues the Group Key to all stations so that they can begin encryption and sending / receiving data.

WPA Enterprise Authentication

Figure 4: WPA "Enterprise" Authentication
(Diagram from Wi-Fi Alliance Networld+Interop 2003 Media Presentation
Used by permission)

There's nothing special you need to do at the RADIUS server itself to support WPA, since the wireless client WPA authentication looks the same as any other client's. This assumes, however, that the server supports 802.1X authentication and the desired EAP (Extensible Authentication Protocol) l types. I'll go into this more in the next section, which describes the Client end of WPA.

More Wireless

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

I am having different results using the rootcanary.org test in different browsers. I'll link some photos of my setup and some photos of rootcanary usi...
Hello, I am a novice internet user/gamer and I am experiencing some issues with my upload/download speeds, especially with the upload speeds. I have e...
So I just picked up my new router and installed the Merlin 384.11_2 version as I read once the router updates its wifi with ASUS, it will no longer be...
I have been using the RT-AC87 for about 5 years now, and it has always been a rock solid router in my opinion. My friend has the opportunity to purcha...
Im getting agitated with the constant deletion of disgruntled members complaints and one of my own recently as well with no response yet again to the ...

Don't Miss These

  • 1
  • 2
  • 3