Search icon Choose location
 
Search icon

How to configure 802.1X on Omada Pro Wall AP

Configuration Guide
Updated 11-06-2024 08:39:31 AM 314
This Article Applies to: 

Objective

Requirements

Introduction

Configuration

Conclusion

Objective

This article explains how to configure the 802.1X function for Omada Pro Wall APs on the Omada Pro Controller.

Requirements

  • Omada Pro Controller (Omada Pro Software Controller / Omada Pro Cloud-Based Controller)
  • Omada Pro Wall AP

Introduction

The Omada Pro Wall AP can connect wired clients via its downlink ports and supports EAP 802.1X authentication for secure access. When a wired client reconnects, it must re-authenticate, which enhances network security. The main use case is when a wired client connects to the downlink port of the Pro Wall AP, where it needs to pass authentication before it can access the internet. Otherwise, the connection will be denied.

Below is how packets exchange to authenticate wired clients:

1. The client connects to an Ethernet (ETH) port, and the AP detects the client's MAC address.

2. The AP converts the MAC address according to the configured format, encapsulates it as the username and password in a Request packet, and sends it to the RADIUS server for 802.1X authentication.

3. If authentication is successful, the RADIUS server replies with an Accept packet, allowing the client to access the network. If it fails, the server sends a Reject packet, disconnecting the client. The figure below shows the Accept and Reject packet flows.

802.1X authentication message interaction process, including request and accept packets.

Follow the steps below to configure 802.1X, using Omada Pro Software Controller V1.9.10.3 and AP7650 as an example.

Configuration

Step 1. Log in to the Controller. Navigate to Site Settings > Authentication > 802.1X > EAP 802.1X. Enable the 802.1X feature, then select the RADIUS Profile and MAC Address Format.

Location of EAP 802.1X configuration on the Controller.

Step 2. Under Authentication Ports, choose the downstream ports where you want to enable EAP 802.1X, such as ETH1, ETH2, and ETH3.

Select the downlink ports where the 802.1X authentication needs to be enabled.

Step 3. After confirming the settings, click Save.

Click Save to complete the configuration.

Conclusion

This guide outlines the steps to configure 802.1X authentication on the Omada Pro Wall AP using the Omada Pro Controller.

Get to know more details of each function and configuration please go to Download Center to download the manual of your product.

Is this faq useful?

Your feedback helps improve this site.

Recommend Products

Community

TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >

We have updated our Policies. Read Privacy Policy and Terms of Use here.
This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy .

We have updated our Policies. Read Privacy Policy and Terms of Use here.
This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy .

Basic Cookies

These cookies are necessary for the website to function and cannot be deactivated in your systems.

TP-Link

accepted_local_switcher, tp_privacy_base, tp_privacy_marketing, tp_smb-select-product_scence, tp_smb-select-product_scenceSimple, tp_smb-select-product_userChoice, tp_smb-select-product_userChoiceSimple, tp_smb-select-product_userInfo, tp_smb-select-product_userInfoSimple, tp_top-banner, tp_popup-bottom, tp_popup-center, tp_popup-right-middle, tp_popup-right-bottom, tp_productCategoryType

Livechat

__livechat, __lc2_cid, __lc2_cst, __lc_cid, __lc_cst, CASID

Youtube

id, VISITOR_INFO1_LIVE, LOGIN_INFO, SIDCC, SAPISID, APISID, SSID, SID, YSC, __Secure-1PSID, __Secure-1PAPISID, __Secure-1PSIDCC, __Secure-3PSID, __Secure-3PAPISID, __Secure-3PSIDCC, 1P_JAR, AEC, NID, OTZ

Analysis and Marketing Cookies

Analysis cookies enable us to analyze your activities on our website in order to improve and adapt the functionality of our website.

The marketing cookies can be set through our website by our advertising partners in order to create a profile of your interests and to show you relevant advertisements on other websites.

Google Analytics & Google Tag Manager

_gid, _ga_<container-id>, _ga, _gat_gtag_<container-id>

Google Ads & DoubleClick

test_cookie, _gcl_au

Meta Pixel

_fbp

Crazy Egg

cebsp_, _ce.s, _ce.clock_data, _ce.clock_event, cebs

Hotjar

OptanonConsent, _sctr, _cs_s, _hjFirstSeen, _hjAbsoluteSessionInProgress, _hjSessionUser_14, _fbp, ajs_anonymous_id, _hjSessionUser_<hotjar-id>, _uetsid, _schn, _uetvid, NEXT_LOCALE, _hjSession_14, _hjid, _cs_c, _scid, _hjAbsoluteSessionInProgress, _cs_id, _gcl_au, _ga, _gid, _hjIncludedInPageviewSample, _hjSession_<hotjar-id>, _hjIncludedInSessionSample_<hotjar-id>

Linkedin

lidc, AnalyticsSyncHistory, UserMatchHistory, bcookie, li_sugr, ln_or