Background

Now, there is more and more WLAN in the world. How to only let the right users access into WLAN is very important for WLAN carrier. So they always want to build a 802.1x based WLAN.

Network Architecture

In WLAN, notebook with a wireless card is the users.

Access Point (AP) is access device for the users. They are always connected to LAN.

RADIUS server is connected to AP via LAN.

WiFi users

Because Microsoft's 802.1x client is NOT standard, users have to install a standard 802.1x client software. Now, there are many kinds of standard 802.1x client software, they are:

• AEGIS Client
• Odyssey Client
• Xsupplicant
• open1x

Users shall install a standard 802.1x client software, and then they can just start by inputting their username/password that provided by WLAN carrier. They shall choose MD5-Challenge as 802.1x protocol.MD5-Challenge is the easiest and most popular 802.1x protocol because it need no certificates creation, distribution and configuration.

Note: Users shall disable Windows's IEEE 802.1x authentication if they use Windows XP.

WiFi AP

You shall choose an AP, such as Cisco 1231, with 802.1x feature and choose EAP Authentication at IEEE802.1x.

You shall also enable AP's DHCP, thus users can get an IP address from AP.

Surely, you shall configure RADIUS server at the AP.

Radius server

PowerRadius (provided by www.new-saga.com) can support this model. You can use PowerRadius to authenticate WLAN users username/password, and can bind to their MAC address.

For business, you can sale prepaid card services, 24 hours services, 10 MB services, etc. In a word, you have many choices.