Use the Firebox as an Authentication Server for Wireless Authentication
If you select the WPA Enterprise, WPA2 Enterprise, or WPA/WPA2 Enterprise authentication methods in your wireless configuration, you can use the Firebox as the authentication server for wireless authentication.
To configure a Firebox wireless device to use the Firebox as an authentication server, from Fireware Web UI or Policy Manager:
- Select Network > Wireless.
- Click Configure adjacent to the required wireless interface.
- Select the Wireless tab.
Wireless interface settings in Fireware Web UI
Wireless interface settings in Policy Manager.
- From the Encryption (Authentication) drop-down list, select WPA Enterprise, WPA2 Enterprise or WPA/WPA2 Enterprise.
- From the Encryption algorithm drop-down list, select the encryption method to use. For more information, see Set the Encryption Level.
- From the Authentication server drop-down list, select Firebox-DB.
- In the EAP authentication timeout text box, you can change the timeout value for authentication. The default is 3600 seconds.
- From the EAP protocol drop-down list, select the EAP protocol wireless clients must use to connect to the access point.
- EAP-PEAP — EAP Protected Extensible Authentication Protocol
- EAP-TTLS — EAP Tunneled Transport Layer Security
- EAP-TLS — EAP Transport Layer Security
- From the EAP tunnel protocol drop-down list, select the EAP tunnel protocol to use. The available tunnel protocols depend on the selected EAP protocol.
- Select the certificate type to use for authentication.
- Default certificate signed by Firebox — This is the default.
- Third party certificates — Select from a list of installed third party certificates.
- If you selected Third party certificates, select a certificate from the Certificate drop-down list.
- If you want to use a certificate authority (CA) to validate the client certificate, select the Validate client certificate check box and select a CA certificate from the CA Certificate drop-down list.
For more information about certificates, see About Certificates.
- Save the configuration to the device.
To use this authentication method, you must configure your Firebox as an authentication server. For more information, see Configure Your Firebox as an Authentication Server.