Manuals / 3Com / Computer Equipment / Network Router

3Com WL-575, 3CRWEASYA73 manual 141

Models: WL-575 3CRWEASYA73

1 293
Download 293 pages 26.87 Kb
Page 253
Image 253

Using the Command Line Interface

To use WEP shared-key authentication, set the authentication type to “shared-key” and define at least one static WEP key with the key command. Encryption is automatically enabled by the command.

To use WEP encryption only (no authentication), set the authentication type to “open-system.”Then enable WEP with the encryption command, and define at least one static WEP key with the key command.

When any WPA or WPA2 option is selected, clients are authenticated using 802.1X via a RADIUS server. Each client must be WPA-enabled or support 802.1X client software. The 802.1X settings (see “802.1X Authentication” on page 71) and RADIUS server details (see “RADIUS Client” on page 65) must be configured on the access point. A RADIUS server must also be configured and be available in the wired network.

If a WPA/WPA2 mode that operates over 802.1X is selected (WPA, WPA2, WPA-WPA2-mixed, or WPA-WPA2-PSK-mixed), the 802.1X settings (see “802.1X Authentication” on page 71) and RADIUS server details (see “RADIUS Client” on page 65) must be configured. Be sure you have also configured a RADIUS server on the network before enabling authentication. Also, note that each client has to be WPA-enabled or support 802.1X client software. A RADIUS server must also be configured and be available in the wired network.

If a WPA/WPA2 Pre-shared Key mode is selected (WPA-PSK, WPA2-PSK or WPA-WPA2-PSK-mixed), the key must first be generated and distributed to all wireless clients before they can successfully associate with the access point. Use the wpa-preshared-key command to configure the key (see “key” on page 143 and “transmit-key” on page 144).

WPA2 defines a transitional mode of operation for networks moving from WPA security to WPA2. WPA2 Mixed Mode allows both WPA and WPA2 clients to associate to a common VAP interface. When the encryption cipher suite is set to TKIP, the unicast encryption cipher (TKIP or AES-CCMP) is negotiated for each client. The access point advertises it’s supported encryption ciphers in beacon frames and probe responses. WPA and WPA2 clients select the cipher they support and return the choice in the association request to the access point. For mixed-mode operation, the cipher used for broadcast frames is always TKIP. WEP encryption is not allowed.

The “required” option places the VAP into TKIP only mode. The “supported” option places the VAP into TKIP+AES+WEP mode. The “required” mode is used in WPA-only environments.

The “supported” mode can be used for mixed environments with legacy WPA products, specifically WEP. (For example, WPA+WEP. The WPA2+WEP environment is not available because WPA2 does not support

6-141

Page 252 Page 254
Page 253
Image 253
3Com WL-575, 3CRWEASYA73 manual 141
Page 252 Page 254