Re: [Ubnt_users] Authentication for SMs

Wed, 22 Jun 2016 09:43:50 -0700

RADIUS. We're using RADIUS for SM auth on UBNT M5 gear (which is mac:mac sent as a RADIUS "User Password"); also works the same on MikroTik for MAC authentication. On UBNT 5AC gear, we use WPA2-AES w/EAP, which also uses RADIUS. WPA2-AES w/EAP is more complicated to setup for two reasons - 1) certificates need installed on the RADIUS server (can be self-signed); and 2) the SM needs a user/pass configured (it is the EAP supplicant). You could use the same user/pass in all SM's, but then you can't disallow a single SM from connecting to the AP. For this, we chose to use a unique user/pass for each customer. This same user/pass is also the customer's PPPoE user/pass.

Jesse DuPont

Network Architect
email: [email protected]
Celerity Networks LLC

Celerity Broadband LLC
Like us! facebook.com/celeritynetworksllc

Like us! facebook.com/celeritybroadband

On 6/22/16 10:26 AM, Josh Luthman wrote:
Radius is I think the only other way?


Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

On Wed, Jun 22, 2016 at 12:25 PM, Nigel Newallo-Singh <[email protected]> wrote:
Hi All,

I want to implement some form of authentication for my Customer SMs (beside of course the wireless pre-shared key).

Can anyone give some good advice on what works to do this (Radius, etc). 

--
Warm Regards,
Nigel Newallo-Singh

_______________________________________________
Ubnt_users mailing list
[email protected]
http://lists.wispa.org/mailman/listinfo/ubnt_users




_______________________________________________
Ubnt_users mailing list
[email protected]
http://lists.wispa.org/mailman/listinfo/ubnt_users




_______________________________________________
Ubnt_users mailing list
[email protected]
http://lists.wispa.org/mailman/listinfo/ubnt_users

Reply via email to