Configure Wireless AP Settings
Applies To: Windows Server 2008, Windows Vista
Use this information with the product documentation that was provided by the wireless AP manufacturer to configure your wireless access points (APs).
This procedure enumerates items commonly configured on a wireless AP. The item names can vary by brand and model and might differ from those listed in the following table. For configuration-specific details, see your wireless AP documentation.
To configure wireless AP settings
SSID. Specify the name of the wireless network (for example, ExampleWLAN). This is the name that is advertised to wireless clients. In Windows XP, the service set identifier (SSID) is the name displayed in View Available wireless networks when the computer detects the wireless AP advertisement.
Encryption. Specify WPA2-Enterprise (preferred) or WPA-Enterprise, and either AES or TKIP encryption cipher, depending on which versions are supported by your wireless client computer network adapters.
IP address (static). On each AP, configure a unique static IP address that falls within the exclusion range of the Dynamic Host Configuration Protocol (DHCP) scope.
Subnet mask. Configure this to match the subnet mask settings of the local area network (LAN) to which you have connected the wireless AP.
DNS name. Some wireless APs can be configured to use a Domain Name System (DNS) name. The DNS service on the network can resolve DNS names to an IP address. On each wireless AP that supports this feature, enter a unique name for DNS resolution.
DHCP service. If your wireless AP has a built-in DHCP service, disable it.
RADIUS shared secret. Use a unique Remote Authentication Dial-In User Service (RADIUS)shared secret for each wireless AP. Each shared secret should be a random sequence at least 22 characters long of uppercase and lowercase letters, numbers, and punctuation. To ensure randomness, you can use a random character generation, such as the random character generator found in the NPS Configure 802.1X wizard, to create the shared secrets.
Record the shared secret for each wireless AP and store it in a secure location, such as an office safe. You must know the shared secret for each wireless AP when you configure RADIUS clients in the Network Policy Server (NPS).
RADIUS server IP address. Type the IP address of the server running NPS.
UDP port(s). By default, NPS uses UDP ports 1812 and 1645 for authentication messages and UDP ports 1813 and 1646 for accounting messages.
Do not change the default RADIUS UDP port settings.
VSAs. Some wireless APs require vendor-specific attributes (VSAs) to provide full wireless AP functionality. VSAs are added in NPS network policy.
DHCP filtering. Configure wireless APs to block wireless clients from sending IP packets from UDP port 68 to the network, as documented by the wireless AP manufacturer.
DNS filtering. Configure wireless APs to block wireless clients from sending IP packets from TCP or UDP port 53 to the network, as documented by the wireless AP manufacturer.