Wireless Features, Continued
While EAP and RADIUS make for industrial strength authorization, if you do not already have a RADIUS server or do not wish to set one up, the G-2000 can perform EAP authentication using its Local User Database (Figure 13) for up to 32 users.
Figure 13: If you do not have a RADIUS server you can authenticate to an onboard Local User Database
The Local User Database performs a function similar to RADIUS, but is not a mini RADIUS server. Using either RADIUS or the Local User Database does require that authenticating clients support 802.1x, however.
Figure 13 shows that authentication requests can be directed to an external RADIUS server, the Local User Database (Figure 14), or both. With either method, users can be forced to periodically re-authenticate and / or re-authenticate if the user's connection is idle for too long.
Figure 14: A Local User Database allows for simple authentication using only a name and password
The G-2000 also supports MAC address filtering (Figure 15), which uses client MAC addresses to control access to the G-2000's LAN. The list can be set to either grant or deny access, but can't be saved to or loaded from a file. The feature also doesn't present a list of currently associated or in-range client MAC addresses to pick from in order to minimize setup hassles.
Figure 15: MAC address filtering provides basic client access control