User Authentication
Planned for general release in the first quarter of 2000,
KarlNet's ISP
Base Station and Firewall
products will have support for username and password authentication
of wireless users to a centralized RADIUS server.
Similar functionality is currently available in our firewall
product, with username and password lists stored in the
firewall itself. KarlNet is now extending that capability
in its wireless products to centralize the password list
in RADIUS
servers, the de facto standard for ISP's worldwide for
user authentication.
For the wireless products, the ISP Base Station and remote
client determine at radio connection time whether to accept
connections to each other using the System
Access Pass Phrase. After this initial connection,
the user opens a login program stored on their computer
and enters their username and password. The login program
sends its username and CHAP password to the Base Station,
which queries the RADIUS server with the user's login
name and password. The RADIUS server forms a reply based
on the username, CHAP password, and other configuration
information stored in its database, and the Base Station
accepts or kills the connection depending on the reply.
Wireless user authentication by username and password
can be used in conjunction with other authentication mechanisms,
including wireless station
authentication by MAC Address.