NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Multiple authentication methods on WAX630
Hi,
I was wondering if it's possible to set up multiple authentications on a single WAX630.
What I basically want is to use 1 SSID with certificate authentication and on the other SSID (on the same device) just password authentication.
SSID1: Main_WiFi > Certificate authentication
SSID2: Guest_WiFi > Password authentication
Is this possible on just the access points because we do not have a Netgear router.
3 Replies
Wow. Thanks for introducing this topic. Had never occurred to me that WiFi networks could be set up to use something other than password for authentication. Enjoyed reading some background, such as this article:
https://www.securew2.com/blog/how-does-wi-fi-certificate-authentication-work
The key appears to be 802.1x (https://en.wikipedia.org/wiki/IEEE_802.1X ), I do not find any reference to 802.1x in either the WAX630 Product Data Sheet (https://www.downloads.netgear.com/files/GDC/WAX630/WAX630_DS.pdf ) or the WAX630 User Manual (https://www.downloads.netgear.com/files/GDC/WAX630/WAX630_UM_EN.pdf ).
Netgear has a Knowledge Base article about 802.1x and WiFi:
https://kb.netgear.com/1209/What-is-802-1x-Security-Authentication-for-Wireless-Networks
The only Netgear products mentioned are ProSafe switches.
My conclusion: "Beats hell out of me. This stuff is really complicated."
Good Luck.
Each SSID is can have different security configs and authentiction methods.
From where do you have the idea Netger does suport some kind of 802.1x on a Wi-Fi SSID please, e.g. on ny WAX6xx or the Wi-Fi 7 capble WBE7xx? Start from the basic RT*M plese.
On business networks, you authenticate from a RADIUS server, with some kind of username and password from a directory service usually,
No netger router required.
RADIUS by itself providing no encryption of the traffic, it does protects only a small part of the traffic, most notably the passwords. FMI https://en.wikipedia.org/wiki/RADIUS#Security_2
---
The RADIUS protocol transmits obfuscated passwords using a shared secret and the MD5 hashing algorithm. ... additional protection, such as IPsec tunnels or physically secured data-center networks, should be used ... the user's security credentials are the only part protected by RADIUS itself, ... The RadSec protocol claims to solve aforementioned security issues.
---
RadSec is supported e.g. by FreeRADIUS. But to actually use it you of course need to configure it with the necessary certificates (i.e. no "encrypted ... by default") and your (unknown) radius client must support RadSec too. FMI https://en.wikipedia.org/wiki/RadSec
Haven't seen ny kind of RadSec suport e.g. (but not only) with Netgear.
Enoug challenges for most network admins me thinks...
Hello Private_Sub
And welcome to the NETGEAR Community! 🙂
Several suggestions provided her for you. Do you have any feedback with regard to the suggestions provided here? Looks like Schumaku have provided you substantial information you need to know in terms of wifi authentication.
Have a lovely day,
Erwin
Netgear Team
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
