Manuals / 3Com / Computer Equipment / Network Router

3Com WL-575, 3CRWEASYA73 manual WPA Key Management

Models: WL-575 3CRWEASYA73

1 293

Download 293 pages 26.87 Kb

Page 103

Security

Encryption – Enable or disable the access point to use data encryption (WEP, TKIP, or AES). If this option is selected when using static WEP keys, you must configure at least one key on the access point and all clients. (Default: Disabled)

NOTE: You must enable data encryption through the web or CLI in order to enable all types of encryption (WEP, TKIP, or AES) in the access point.

Cipher Modes – Selects an encryption method for the global key used for multicast and broadcast traffic, which is supported by all wireless clients.

AES: AES-CCMP is used as the multicast encryption cipher. AES-CCMP is the standard encryption cipher required for WPA2.

TKIP: TKIP is used as the multicast encryption cipher.

WEP/TKIP: WEP is used as the multicast encryption cipher. You should select WEP only when both WPA and WEP clients are supported.

Figure 36 WPA Key Management

WPA Key Management – Specifies the type of WPA encryption to use:

WPA authentication over 802.1x – Requires the use of 802.1x authentication.

WPA Pre-shared Key (PSK) – Requires that 802.1x authentication be disabled.

Key Type – Select the preferred method of entering WEP encryption keys on the access point and enter up to four keys:

5-55

Image 103

3Com WL-575, 3CRWEASYA73 manual WPA Key Management

Contents

User Guide 3Com Corporation 350 Campus Drive Marlborough, MA Contents Configuring Sntp Advanced Setup System IdentificationAuthentication Filter Control Configuring Snmp and Trap Message ParametersCommand Line Interface Pin DIN to RJ-45 Cable Wiring B-6 Straight-Through Wiring Crossover Wiring B-4Terminology Viii Introduction Product FeaturesApproved Channels Radio Characteristics„ One Quick Start Guide Package ChecklistIntegrated HIGH-GAIN Antenna Hardware DescriptionExternal Antenna Options Ethernet Port Power Injector ModuleWater Tight Test Point Grounding PointOperating Modes System ConfigurationWALL- and POLE-MOUNTING Bracket KIT POINT-TO-MULTIPOINT Configuration POINT-TO-POINT ConfigurationBeam Angle Page Bridge Link Planning Data Rates Radio Path Planning Antenna Height Miles 4.8 km 20 m 17 m 12 m Antenna Position and Orientation Weather Conditions Radio InterferenceGrounding Ethernet CablingHardware Installation Using the POLE-MOUNTING Bracket Testing Basic Link OperationMount the Unit Fit the edges of the V-shaped Part into the slots Using the WALL-MOUNTING Bracket Page Connect External Antennas Connect Cables to the Unit Connect the Power InjectorPage LED Check the LED IndicatorsAlign Antennas High 11a Signal Page Networks Without a Dhcp Server Networks with a Dhcp ServerLaunching the 3COM Wireless Interface Device Manager Using the 3COM Installation CDClick on the Properties button to see the following screen First Time only Using the Setup WizardLogin Home page displays the Main Menu Setup Wizard Step Setup Wizard Step Setup Wizard Step Click Finish Click the OK button to complete the wizard System Configuration Advanced Setup Advanced SetupAdvanced Setup System Identification TCP / IP Settings System Configuration Smart Monitor Radius Radius Authentication Authentication Authentication Authentication Authentication System Configuration Filter Control System Configuration Vlan Filter Control Vlan ID Snmp Configuring Snmp and Trap Message ParametersSnmp Trap Configuration Configuring SNMPv3 Users Configuring SNMPV3 UsersChanging the Password AdministrationTelnet and SSH Settings Upgrading Firmware System Configuration „ IP Address IP address or host name of the Tftp server WDS and Spanning Tree Settings WDS and Spanning Tree Settings Root bridge acting as the master bridges parent WDS and Spanning Tree Settings Range Default Enabling System Logging System LOGError Level Description Configuring SntpRssi Rssi Radio Interface 802.11A Interface Radio Settings aRadio Settings a and B/G Configuring Common Radio SettingsSystem Configuration Normal Mode Turbo Mode System Configuration 802.11B/G Interface Radio Settings B/G Configuring WI-FI Multimedia Voice WMM Access CategoriesAccess CategoryWMM Backoff Times System Configuration Key Type See Wired Equivalent Privacy WEP Wireless Security Considerations Wi-Fi Protected Access WPA or WPA2Security MAC Radius Combination Authentication b Server Radius Wired Equivalent Privacy WEPAuthentication and Encryption WPA Key Management WEP Keys Wi-Fi Protected Access WPA System Configuration WPA Configuration Settings Configuration settings for WPA are summarized belowAP Status Status InformationStation Status Static The client is using static WEP keys for encryption Security System Configuration Accessing the CLI Using the Command Line InterfaceConsole Connection Telnet Connection Keywords and Arguments Entering CommandsShowing Commands Command Modes Negating the Effect of CommandsConfiguration Commands Keystroke Commands Command GroupsConfigure General CommandsGeneral Commands Example Default SettingCommand Mode Related CommandsSyntax Command UsageExit PingSyntax Reset board configuration ResetShow line Show historySystem Management Commands System Management CommandsCountry Country Codes Country countrycodeSyntax Prompt string no prompt PromptSyntax Username name System nameSyntax System name name no system name UsernameIp ssh-server enable PasswordSyntax Ip ssh-server port port-number Default Setting Command ModeIp telnet-server enable Ip ssh-server portIp http server Syntax No ip http server Default SettingIp http port Syntax Ip http port port-numberno ip http portSyntax Ip https port portnumber no ip https port Ip https portIp https server Syntax No ip https server Default SettingWeb-redirect Syntax No web-redirect Default SettingAPmgmtIP multiple IPaddress subnetmask single IPaddress any APmgmtIPAPmgmtUI Syntax APmgmtUI Snmp Telnet Web enable disableSnmp UI Show apmanagementUS United States Show systemShow version Show configSsid PRE Shared KEY WPA PSK Enabled Dot11StationRequestFail Nocountryset System Loggign Commands System Logging CommandsShow hardware Logging on Syntax No logging on Default SettingLogging host Logging console Syntax No logging console Default SettingLogging level Syntax Logging facility-type type Logging facility-typeShow logging Syntax Logging clear Command ModeSyntax Show logging Command Mode Logging clearShow event-log System Clock CommandsSyntax Show event-log Command Mode System Clock CommandsSyntax Sntp-server ip 1 2 ip Sntp-server enableSyntax No sntp-server enable Sntp-server ipSntp-server ip 6-38 show sntp Sntp-server date-timeSyntax Sntp-server timezone hours Syntax No sntp-server daylight-saving Default SettingSntp-server daylight-saving Sntp-server timezoneTAIPEI, Beijing Show sntpDhcp Relay Commands Dhcp Relay CommandsDhcp-relay enable Syntax No dhcp-relay enable Default SettingSyntax Dhcp-relay primary secondary ipaddress Dhcp-relayShow dhcp-relay Snmp Commands Snmp CommandsDisplays the Snmp v3 notification filter assignments Snmp-server contact Snmp-server communitySnmp-server location Snmp-server host Snmp-server enable serverSnmp-server trap Hostname Name of the host. Range 1-63 charactersCommand Line Interface Snmp-server engine-id Syntax Snmp-server user user-name Snmp-server userSnmp-server targets Snmp-server filter Default Setting Show snmp groups Snmp-server filter-assignmentsShow snmp group-assignments Syntax Show snmp groups Command ModeSyntax Show snmp users Command Mode Show snmp usersShow snmp filter Syntax Show snmp group-assignments Command ModeSyntax Show snmp target Command Mode Show snmp targetShow snmp filter-assignments Syntax Show snmp filter-assignments Command ModeShow snmp Flash/File Commands Flash/File CommandsBootfile Syntax Bootfile filenameCopy Syntax Copy ftp tftp file copy config ftp tftpDelete File information is shown below DirRadius Client Show bootfileRadius-server port Radius-server addressSyntax Radius-server secondary port portnumber Syntax Radius-server secondary retransmit numberofretries Radius-server keySyntax Radius-server secondary key keystring Radius-server retransmitSyntax Radius-server secondary port-accounting portnumber Radius-server timeoutSyntax Radius-server secondary timeout numberofseconds Radius-server port-accountingRadius-server radius-mac-format Radius-server timeout-interimSyntax Radius-server vlan-format hex ascii Radius-server vlan-formatShow radius 802.1X Authentication 802.1x 802.1X AuthenticationSyntax 802.1x supported required no Using the Command Line Interface Syntax 802.1x broadcast-key-refresh-rate rate 802.1x broadcast-key-refresh-rate802.1x session-key-refresh-rate 802.1x session-timeoutSyntax 802.1x session-key-refresh-rate rate 802.1x-supplicant enable Default802.1x-supplicant user Show authentication MAC Address Authentication Syntax Address filter entry mac-addressallowed denied Address filter defaultSyntax Address filter default allowed denied Address filter entryAddress filter default 6-79 802.1x-supplicant user Syntax Address filter delete mac-address Mac-authentication serverSyntax Mac-authentication server local remote Address filter deleteMac-authentication session-timeout Filtering CommandsSyntax Mac-authentication session-timeout minutes Filter local-bridge Filtering CommandsOutdoor 11a Building to Building config#filter local-bridge Filter ap-manage Syntax No filter ap-manage DefaultFilter uplink enable Syntax No filter uplink enable DefaultSyntax No filter ethernet-type enable Default Filter ethernet-type enableShow filters Filter ethernet-type protocolWDS Bridge Commands WDS Bridge CommandsSyntax Bridge role ap repeater bridge root-bridge Bridge modeSyntax Bridge mode master slave Bridge role WDSBridge channel-auto-sync Syntax Bridge channel-auto-sync enable disableSyntax Bridge-link child index mac-address Bridge-link parentSyntax Bridge-link parent mac-address Bridge-link childSyntax Bridge dynamic-entry age-time seconds Bridge dynamic-entry age-timeSeconds Show bridge aging-time Show bridge filter-entry MAC Show bridge link Syntax Show bridge link ethernet wireless a g indexParent 00-12-34-56-78-9a Child Bridge stp enable Spanning Tree CommandsBridge Commands Bridge stp forwarding-delay Syntax No bridge stp enable Default SettingSyntax Bridge stp hello-time time No bridge stp hello-time Bridge stp hello-timeBridge stp max-age Bridge stp priority Syntax Bridge stp max-age seconds No bridge stp max-ageSyntax Bridge stp prioritypriority no bridge stp priority Syntax Bridge-link path-cost index cost Bridge-link path-costSyntax Bridge-link port-priority index priority Bridge-link port-priorityShow bridge stp Syntax Show bridge stp Command Mode Ethernet Interface CommandsEhternet Interface Commands Dns server Interface ethernetIp address ip-address netmask gateway no ip address Ip addressIp dhcp Syntax No ip dhcp Default SettingShutdown Syntax No shutdown Default SettingSpeed-duplex Syntax Speed-duplex auto 10MH 10MF 100MF 100MHShow interface ethernet Syntax Show interface ethernet Default SettingWireless Interface Commands Wireless Interface CommandsSyntax Interface wireless a g Interface wirelessSpeed VapSyntax Speed speed Syntax Turbo static dynamic no turbo TurboSyntax Multicast-data-rate speed Multicast-data-rateSyntax Channel channel auto ChannelRadio-mode Transmit-powerSyntax Radio-mode b g b+g Preamble Default Setting +g mode Command ModeSyntax Preamble long short-or-long Syntax Antenna control diversity left right Antenna controlSyntax Antenna location indoor outdoor Antenna idSyntax Antenna id antenna-id Antenna locationSyntax Beacon-interval interval Beacon-intervalSyntax Dtim-period interval Dtim-periodSyntax Rts-threshold threshold Fragmentation-lengthSyntax Fragmentation-length length Rts-thresholdSuper-a Syntax No super-a Default SettingSuper-g Syntax No super-g Default SettingDescription Ssid Syntax No closed-system Default SettingClosed-system Syntax Max-association count Assoc-timeout-intervalSyntax Assoc-timeout-interval minutes Max-associationSyntax Auth-timeout-value minutes Auth-timeout-valueSyntax Show interface wireless a g vap-id Show interface wireless130 131 132 Show station Rogue AP Detection CommandsRogue AP Commands Rogue-ap enableSyntax No rogue-ap authenticate Default Setting Rogue-ap authenticateSyntax Rogue-ap duration milliseconds Rogue-ap durationRogue-ap interval Rogue-ap scan Syntax Rogue-ap interval minutes138 Wireless Security Commands Wireless Security CommandsShow rogue-ap Auth 141 Encryption Syntax No encryption Default SettingKey index size type value no key index KeySyntax Transmit-key index Transmit-keyKey 6-143 encryption 6-142 transmit-key Syntax Cipher-suite aes-ccmp tkip wep Cipher-suiteSyntax Micmode hardware software MicmodeSyntax Wpa-pre-shared-key hex passphrase-keyvalue Wpa-pre-shared-keySyntax Pmksa-lifetime minutes Pmksa-lifetimePre-authentication Link-integrity ping-detect Link Integrity CommandsSyntax No link-integrity ping-detect Default Setting Link Integrity CommandsLink-integrity ping-interval Link-integrity ping-hostSyntax Link-integrity ping-interval interval Syntax Link-integrity ping-fail-retry counts Link-integrity ping-fail-retryLink-integrity ethernet-detect Syntax No link-integrity ethernet-detect Default Setting Iapp CommandsShow link-integrity Syntax No iapp Default Vlan CommandsIapp Vlan Commands Management-vlanid Syntax No vlan enable DefaultCommand Description VlanSyntax Vlan-id vlan-id Vlan-idSyntax No wmm supported required WMM CommandsWMM Commands WmmSyntax Wmm-acknowledge-policy acnumber ack noack Wmm-acknowledge-policyWmmparam AP Access Point BSS Wireless client161 162 Troubleshooting Page Page Page TWISTED-PAIR Cable Assignments Cables and Pinouts10/100BASE-TX PIN Assignments STRAIGHT-THROUGH Wiring Crossover Wiring Pin DIN Ethernet Port Pinout PIN DIN Connector PinoutPIN DIN to RJ-45 Cable Wiring Glossary CSMA/CA Infrastructure Radius Virtual LAN Vlan Glossary-6 Index RTS STA