Configuring Wireless Access with RADIUS

RADIUS, short for Remote Authentication Dial-In User Service, is an authentication and accounting system used to share the usernames and passwords in a directory service to network devices. In this example, we will use RADIUS to provide usernames and passwords to an AirPort base station. The reason this example is so important is that it represents one case where Apple takes one of the more complicated technologies in the IT industry and makes it readily available to even non-network administrators. RADIUS also represents the highest level of security you can obtain when using Apple AirPort base stations.

You will need to be running a system that is either an Open Directory Master or Replica, or a system that is connected to a directory service in order to use RADIUS. For more on directory services, see Chapter 2. For this example, the AirPort will also need to have addresses configured and sit on the same network (preferably being accessible via Bonjour) that allow the server to connect to the base station.

Setting Up the AirPort

To get started, open Server Admin and click on the name of the server in the SERVERS sidebar. Click on Settings and then click on the Services tab. Check the box for RADIUS and then click the Save button to see the RADIUS entry appear below the server name in the Server Admin sidebar.

Click on RADIUS and then click on the Overview icon in the Server Admin toolbar. Here, click on the button to Configure RADIUS Service…. ...

Get Using Mac OS X Lion Server now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.