An Employee network is a classic Wi-Fi network. This network type is used by the employees in an organization and it supports passphrase-based (PSK) or 802.1X-based authentication methods. Employees may access the protected data through the employee network after successful authentication. The employee network is selected by default during a network profile configuration.
The very first employee network you create for the site cannot be deleted unless you choose to delete the site entirely from your account.
To configure an employee network:
- Click the Instant On web application home page. tile on the
- Click Add () and select the tab. This tab appears only when your site has both wired and wireless networks.
- Select , under Usage to indicate that the network is for an enterprise.
- Enter a for the employee network. This will also be broadcasted as the SSID for the WLAN network.
- Choose a level for the network and update the required fields.
If you want to use a RADIUS authentication server, click thetab.
You must configure the RADIUS server to allow APs individually or set a rule to allow the entire subnet.
—Secures the network using a higher encryption RADIUS authentication server. Update the following fields:
—Configure the following parameters for the .
- —Enter the IP address of the RADIUS server.
- —Enter a shared key for communicating with the external RADIUS server.
- Instant On AP attempts to send the request several times (as configured in the ) before the user gets disconnected. For example, if the Timeout is 5 seconds, Retry counter is 3, user is disconnected after 20 seconds. The default value is 5 seconds. —Specify a timeout value in seconds. The value determines the timeout for a RADIUS request. The
- —Specify a number between 1 and 5. Retry count indicates the maximum number of authentication requests that are sent to the server group, and the default value is 3 requests.
- —Enter the authentication port number of the external RADIUS server within the range of 1–65535. The default port number is 1812.
- Network Access Attributes - Configure the following settings under Instant On AP to the client.
, if you wish to proxy all RADIUS requests from the
- —Enter a string value for RADIUS attribute 32, NAS Identifier, to be sent with RADIUS requests to the RADIUS server.
- Instant On devices are configured in a private network mode. The options below determine how the RADIUS authentication takes place across all networks. This option is grayed out if the Instant On AP is configured as a primary Wi-Fi router on the network. In which case each AP in the network will send RADIUS requests to the server with a matching Source IP address and NAS IP address.
—Select one of the following options if your
- —This is the default setting. The RADIUS requests and NAS IP address will originate from each device authenticating the clients.
- —The RADIUS and NAS IP address will originate from a single IP address representing the site. Enter the for the site.
1. To configure a , slide the toggle switch to the right () and update the required fields.
2. To requests, slide the toggle switch to the right ().
3. Click .
After you configure an Employee network and save its settings for the first time, a toggle switch appears in the Employee Details page indicating the network is currently(). Use this switch to enable or disable the employee network.