What authentication methods can be used on a 7211 to secure its connectivity to a AP?
SummaryThis article talks about various authentication methods supported on a 7211 model CPE
QuestionWhat authentication methods can be used on a 7211 to secure its connectivity to a AP?
Customer EnvironmentUsually a outdoor wireless network that requires a CPE for providing network access to its subscribers or users.
Root CauseIncompatible EAP authentication methods on the RADIUS server side.
Troubleshooting Steps7211 model CPE can only support TTLS authentication method if you prefer 802.1x based authentication on the WAN side. Its doesn't support PEAP. It doesn't support TLS either which requires a non-Ruckus certificate to be loaded on the CPE.
Just make sure your RADIUS server provides TTLS EAP method to support 7211 CPE connectivity.
WorkaroundFollowing steps explain how to securely connect a 7211 model CPE to a wireless network:
1. You need a wireless AP to provide network access to the CPE
2. Configure secure authentication method on the AP to secure the traffic
3. Setup a RADIUS server if you want to provide 802.1x authentication method to the users
4. On the 7211, go to the Configuration --> Wireless page
5. Click on the "Wan" tab
6. Choose the encryption method that will be compatible with the AP
7. Choose PSK as the WPA Authentication option if the AP requires passphrase based authentication
8. You have to choose 802.1x _instead_ if you want more advanced authentication method with a RADIUS backend
Just as an example, following KB link talks about setting Microsoft NPS to act as a AAA server.