- Home »
- FAQ »
- WLAN »
- Wireless LAN »
- How to use 802.1X authentication for wireless clients with Local 802.1X?
How to use 802.1X authentication for wireless clients with Local 802.1X?
This document demonstrate how use Local 802.1X to authenticate wireless clients. Since firmware version 3.8.1, Vigor Router supports Local 802.1X which can be regarded as a built-in RADIUS server, so that it can act as authenticator and authentication server simultaneously, and authenticate wireless or wired clients by the user profiles stored on it.
Configuring Vigor Router
1. First of all, make sure Wireless LAN is enabled and SSID are ready.
2. Create user profile for wireless client. Go to User Management >> User Profile, click on an index number to add/edit a profile:
- Enable this account.
- Enter username and password, confirm password again.
- Enable Local 802.1X at Internal Services, so that this user profile can be used by 802.1X authentication.
- Click OK to save
Note: For 802.1X authentication by Local 802.1X, Vigor Router now supports PEAP for phase 1 and MSCHAPV2 for phase 2.
3. Set up Security for the Wireless LAN. Go to Wireless LAN >> Security, select a security Mode that uses 802.1X, and click "Wireless LAN 802.1X Setting".
4. In Wireless LAN 802.1X Setting page, set Authentication Type as "Local 802.1X" and select "Enable", so the router will use the user profiles on the router to authenticate wireless clients. Then click OK to apply.
Note: In this page, it shows all the user profiles on the router. The profiles in the right column are the profiles that has Local 802.1X enabled and can be used for 802.1X authentication. For example, the profile created in step 2 will be listed here. The profiles in the left column are the profiles that doesn't enable Local 802.1X; however, we may select those profiles, and click ">>" to move it to "Enable Local 802.1X" list, then the profiles will be ready for 802.1X authentication as well.
Wireless Client connects to the network
5. After the above configuration, wireless clients can join the network by enter the user name and password set in router's user profiles.
6. In Diagnostics >> Authentication Information, we can check the failed authentication attempts from Authentication User List tab, and the logs about authentication.