Use a RADIUS Server for Wireless Authentication

Applies To: Locally-managed Fireboxes

If you select an Enterprise authentication method in your wireless configuration, you can use a RADIUS server for wireless authentication.

Make sure you have a RADIUS server configured in your Authentication Servers on your Firebox. For more information, go to Configure RADIUS Server Authentication.

To configure your wireless access point to use RADIUS authentication, from Fireware Web UI or Policy Manager:

  1. Select Network > Wireless.
  2. Adjacent to the Access point 1, Access point 2, or Access Point 3 configuration, click Configure.
  3. Select the Wireless tab.

Screen shot of the Wireless tab Enterprise Authentication settings for Single Radio Firebox

Wireless Interface Settings for Single Radio Firebox in Fireware Web UI

 

Screen shot of the Wireless tab Enterprise Authentication settings for dual radio Firebox

Wireless Interface Settings for Dual Radio Firebox in Fireware Web UI

 

Screen shot of the Wireless tab Enterprise Authentication settings for Single Radio Firebox

Wireless Interface Settings for Single Radio Firebox Policy Manager

 

Screen shot of the Wireless tab Enterprise Authentication settings for Dual Radio Firebox

Wireless Interface Settings for Dual Radio Firebox Policy Manager

  1. From the Radio drop-down list, select the radios that broadcast this SSID.
  2. In the Network name (SSID) text box, type a name for this wireless network. This is the network name broadcast to wireless clients.
  3. From the Security drop-down list, select WPA2 Enterprise or WPA3 Enterprise.
  4. From the Authentication Server drop-down list, select your RADIUS server.

If you have not previously configured a RADIUS server, you must create a server before you can select the RADIUS option. For more information, go to Configure RADIUS Server Authentication.

  1. In the EAP authentication timeout text box, you can change the timeout value for a wireless client authentication session after which the client reauthenticates to the RADIUS server. The default is 3600 seconds.

The EAP protocol and certificate configuration is only available if you select Firebox-DB as the authentication server. When you select a RADIUS server, you cannot configure these settings because they are configured on your RADIUS server. For more information about Firebox-DB authentication, go to Use the Firebox as an Authentication Server for Wireless Authentication.

  1. Save the configuration to the device.

Related Topics

Set the Wireless Security Method

Enterprise Wireless Authentication with RADIUS