Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless Features

WPA in action - AP "Enterprise"

Updated June 30, 2003

Figure 3 shows the Belkin AP when I selected the WPA (with RADIUS server) option.

WPA (Radius) Authentication

Figure 3: WPA (Radius) Authentication

You can see that setup for this "Enterprise" mode of WPA isn't that much more complicated. All you need to enter is the IP address of the RADIUS server, its port number (the default of 1812 is entered for you), and the RADIUS key (similar to the WPA password).

Belkin also lets you specify the Re-Key Interval, which is the rate that the AP or RADIUS server pushes a new Group Key out to all clients. The Re-Keying process is part of WPA's enhanced security and is the WPA equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis. Setting of the Re-Key Interval is also supported by some APs in WPA-PSK mode, while others - like the Belkin - rely on a non-adjustable Re-Key Interval instead.

The configuration of the RADIUS server is beyond the scope of this NTK, but basically, it replaces the single password with per-user authentication. Figure 4 illustrates this mode, where the AP just passes the authentication request to a RADIUS server instead of performing the authentication itself. The server then checks the user's credentials against its records, grants or denies network access accordingly, and then issues the Group Key to all stations so that they can begin encryption and sending / receiving data.

WPA Enterprise Authentication

Figure 4: WPA "Enterprise" Authentication
(Diagram from Wi-Fi Alliance Networld+Interop 2003 Media Presentation
Used by permission)

There's nothing special you need to do at the RADIUS server itself to support WPA, since the wireless client WPA authentication looks the same as any other client's. This assumes, however, that the server supports 802.1X authentication and the desired EAP (Extensible Authentication Protocol) l types. I'll go into this more in the next section, which describes the Client end of WPA.

More Wireless

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

"Kaspersky Lab has uncovered a new advanced persistent threat (APT) campaign that has affected a large number of users through what is known as a supp...
Hi, wondering if this is possible.I want to segregate certain devices to operate over VPN and was hoping I could use my AC68 to do so, without it beco...
QNAP's webpage says that speed drops by half if directly connected to NAS. Why is this and how can Imaximize Thunderbolt 3 speed? Considering direct c...
Wondering if anyone is experiencing this issue. Happened with 384.8-2 and 384.10 betas.Have the router set to auto reboot once a week. Most times the ...

Don't Miss These

  • 1
  • 2
  • 3