SMC Networks SMCWBR14S-N4 manual Ieee 802.1X and Radius

Page 74

CHAPTER 7 Wireless Configuration

WLAN Security

IEEE 802.1X AND RADIUS

bit key. Use of AES-CCMP encryption is specified as a standard requirement for WPA2. Before implementing WPA2 in the network, be sure client devices are upgraded to WPA2-compliant hardware.

TKIP/AES — Uses either TKIP or AES keys for encryption. WPA and WPA2 mixed modes allow both WPA and WPA2 clients to associate to a common SSID. In mixed mode, the unicast encryption type (TKIP or AES) is negotiated for each client.

Key Renewal Interval — Sets the time period for automatically changing data encryption keys and redistributing them to all connected clients. (Default: 3600 seconds)

PMK Cache Period — WPA2 provides fast roaming for authenticated clients by retaining keys and other security information in a cache, so that if a client roams away from an access point and then returns reauthentication is not required. This parameter sets the time for deleting the cached WPA2 Pairwise Master Key (PMK) security information. (Default: 10 minutes)

Pre-Authentication— When using WPA2, pre-authentication can be enabled that allows clients to roam to another access point and be quickly associated without performing full 802.1X authentication. (Default: Disabled)

IEEE 802.1X is a standard framework for network access control that uses a central RADIUS server for user authentication. This control feature prevents unauthorized access to the network by requiring an 802.1X client application to submit user credentials for authentication. The 802.1X standard uses the Extensible Authentication Protocol (EAP) to pass user credentials (either digital certificates, user names and passwords, or other) from the client to the RADIUS server. Client authentication is then verified on the RADIUS server before the client can access the network.

Remote Authentication Dial-in User Service (RADIUS) is an authentication protocol that uses software running on a central server to control access to RADIUS-aware devices on the network. An authentication server contains a database of user credentials for each user that requires access to the network.

The WPA and WPA2 enterprise security modes use 802.1X as the method of user authentication. IEEE 802.1X can also be enabled on its own as a security mode for user authentication. When 802.1X is used, a RADIUS server must be configured and be available on the connected wired network.

NOTE: This guide assumes that you have already configured RADIUS server(s) to support the access point. Configuration of RADIUS server software is beyond the scope of this guide, refer to the documentation provided with the RADIUS server software.

– 74 –

Page 73 Page 75
Image 74
Page 73 Page 75
Contents User Guide BarricadeTM SMCWBR14S-N4 User Guide Page Warranty and Product Registration FCC Radiation Exposure Statement CompliancesFederal Communication Commission Interference Statement Taiwan NCC IC StatementIC Radiation Exposure Statement EC Conformance DeclarationDe overige relevante bepalingen van Richtlijn 1999/5/EC 1999/5/EG. Wien Compliances About this Guide Contents WEB Configuration PptpDMZ 110 Section AppendicesContents Figures Advanced Settings Wireless Network Figures Tables Section Description of Capabilities KEY Hardware FeaturesIntroduction Introduction Package Contents Hardware DescriptionTop Panel Rear Panel Ethernet WAN Port Ethernet LAN Ports LED BehaviorIntroduction Introduction Network Planning Internet Gateway RouterLAN Access Point Network PlanningWireless Bridge Operating as an Access PointOperating as a Wireless Repeater Location Selection Installing the Gateway RouterSystem Requirements Mounting on a Wall Wall MountingGateway Mode Connections Mounting on a Horizontal SurfaceBridge Mode Connections Bridge Mode ConnectionInstalling the Gateway Router Connecting to the Login Initial ConfigurationISP Settings Login Home page and Main MenuSetup Wizard Common WEB page ButtonsSettings Wizard Time and Sntp SettingsSettings Dhcp WANSettings Static IP Wizard WAN Settings Static IPSettings Pppoe Wizard WAN Settings PPPoESettings Pptp Wizard WAN Settings PptpWireless Security Wizard Wireless SecurityInitial Configuration Initial Configuration WEB Configuration Section Web Configuration Operation Mode Logging Logging OnHome Operation Mode Operation Mode GatewayInternet Settings WAN SettingDhcp Configuration Static IP Configures a static IP for the WAN port PPPoE Configuration Pptp Configuration Internet Settings LAN Setting LAN ConfigurationInternet Settings Advanced Routing Settings Advanced RoutingInternet Settings Internet Settings Internet Settings Wireless Configuration Basic SettingsBasic Settings Security Mode Options Wlan SecurityWired Equivalent Privacy WEP Security Mode WEPSecurity Mode WPA-PSK WPA PRE-SHARED KEYWPA Enterprise Mode Security Mode WPA Ieee 802.1X and Radius Security Mode Advanced Settings Advanced Settings Wireless NetworkHT Physical Mode Settings HT Physical Mode SettingsWireless Configuration Advanced Wireless Settings Wireless Configuration Wi-Fi Multimedia Settings WMM Configuration MULTICAST-TO- Unicast Converter Multicast-to-Unicast ConverterWireless Distribution System WDS Internet Service Provider Cable/DSL Modem WDS LinkLink WDS Configuration Wireless Configuration WI-FI Protected Setup WPS Enabling WPSWPS Configuration Station List Station ListFirewall Configuration MAC/IP/PORT FilteringMAC/IP/Port Filtering Current Filter Rules Virtual Server Settings Port Forwarding Virtual ServerDMZ Current Virtual Servers in SystemSystem Security System SecurityContent Filtering Content FilteringAdd a Host Filter Enters the keyword for a host filtering Administration Settings Language Settings WEB Interface Settings System ManagementSntp Settings Sntp SettingsDdns Settings Ddns Settings Gateway ModeUpgrade Firmware Upgrade FirmwareConfiguration Settings Configuration SettingsSystem Status Gateway Mode System Status106 Statistics StatisticsSystem LOG System Log109 Appendices If YOU Cannot Connect to the Internet TroubleshootingDiagnosing LED Indicators Before Contacting Technical SupportAppendix a Troubleshooting 113 Hardware Specifications Appendix B Hardware Specifications Cables and Pinouts TWISTED-PAIR Cable AssignmentsSTRAIGHT-THROUGH Wiring 10/100BASE-TX PIN AssignmentsCrossover Wiring Straight-through WiringLicense Information GNU General Public LicenseAppendix D License Information 121 END of Terms and Conditions Glossary Glossary 125 126 SMCWBR14S-N4
Related manuals
Manual 2 pages 47.9 Kb
Top Page Image Contents