How to configure 802.1X on Omada Pro Wall AP

Configuration Guide
Updated 11-06-2024 08:39:31 AM 1339
This Article Applies to: 

Objective

Requirements

Introduction

Configuration

Conclusion

Objective

This article explains how to configure the 802.1X function for Omada Pro Wall APs on the Omada Pro Controller.

Requirements

  • Omada Pro Controller (Omada Pro Software Controller / Omada Pro Cloud-Based Controller)
  • Omada Pro Wall AP

Introduction

The Omada Pro Wall AP can connect wired clients via its downlink ports and supports EAP 802.1X authentication for secure access. When a wired client reconnects, it must re-authenticate, which enhances network security. The main use case is when a wired client connects to the downlink port of the Pro Wall AP, where it needs to pass authentication before it can access the internet. Otherwise, the connection will be denied.

Below is how packets exchange to authenticate wired clients:

1. The client connects to an Ethernet (ETH) port, and the AP detects the client's MAC address.

2. The AP converts the MAC address according to the configured format, encapsulates it as the username and password in a Request packet, and sends it to the RADIUS server for 802.1X authentication.

3. If authentication is successful, the RADIUS server replies with an Accept packet, allowing the client to access the network. If it fails, the server sends a Reject packet, disconnecting the client. The figure below shows the Accept and Reject packet flows.

802.1X authentication message interaction process, including request and accept packets.

Follow the steps below to configure 802.1X, using Omada Pro Software Controller V1.9.10.3 and AP7650 as an example.

Configuration

Step 1. Log in to the Controller. Navigate to Site Settings > Authentication > 802.1X > EAP 802.1X. Enable the 802.1X feature, then select the RADIUS Profile and MAC Address Format.

Location of EAP 802.1X configuration on the Controller.

Step 2. Under Authentication Ports, choose the downstream ports where you want to enable EAP 802.1X, such as ETH1, ETH2, and ETH3.

Select the downlink ports where the 802.1X authentication needs to be enabled.

Step 3. After confirming the settings, click Save.

Click Save to complete the configuration.

Conclusion

This guide outlines the steps to configure 802.1X authentication on the Omada Pro Wall AP using the Omada Pro Controller.

Get to know more details of each function and configuration please go to Download Center to download the manual of your product.

Is this faq useful?

Your feedback helps improve this site.

Recommend Products

Community

TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >