3Com WL-455 WPA Configuration

55

WPA Configuration

To configure WPA encryption:

1Choose open system, and then click the Required check box on the

authentication page if you want to limit access to clients using WPA

encryption. If you also want to allow WEP clients, do not check this box.

2Select the Cipher Mode, which determines the method by which keys are

computed. WEP is the weakest Multicast Cipher Mode and is only provided

for support of legacy clients which do not fully support WPA. Clients

associated with WPA-TKIP will have unicast packets directed at them with

corresponding encryption keys. However, with WEP selected as the Cipher

Mode, ALL multicast traffic is sent out with WEP encryption. It is

recommended to only select WEP as the Cipher Mode if legacy client support

is critical.

AES - Advanced Encryption Standard (Highest Security)

TKIP—(Temporal Key Integrity Protocol) provides per-packet key mixing, a

message integrity check and a re-keying mechanism

WEP—Provides standard WEP ciphering (Least Secure)

3Select the type of WPA Key Management:

WPA authentication over 802.1x (More secure, but requires a RADIUS

authentication server setup. See WPA note below)

WPA Pre-shared Key (PSK) (see WPA note below)

4Select the Key Type:

Hexadecimal (0~9, A~F; for example, D7 0A 9C 7F E5)

ASCII (0~9, A~F; for example 01234)

5Enter the pre-shared key in the space provided if necessary.

WPA Note:

The WPA key management must match the settings on the Authentication Page.

When using 802.1x, the access point uses session keys provided during the

802.1x EAP key exchange as the “seed key” for WPA. This is more secure than

PSK, since each client starts with a unique session key for all subsequent keys

generated. Otherwise, the PSK is used for the “seed key”.

The 802.1x Wireless Setup on the Authentication Page should be set as follows:

If only one Radio is installed, and “WPA pre-shared key (PSK)” is selected on

the security page, then the 802.1x Wireless Setup can be either “Disabled” or

“Supported” on the Authentication Page.

Contents

Main 3Com Corporation 350 Campus Drive Marlborough, MA 01752-3064 Contents 1 2 3 4 Regulatory Compliance Information Index Page 1 P RODUCT F S PERFORMANCE AND RELIABILITY Virtual Access Point (VAP) Support WDS Bridging and Spanning Tree Protocol (STP) Support M 802.11G WIRELESS NETWORK STANDARD STANDARD NETWORK CONFIGURATION AND PLANNING AD HOC WIRELESS LAN INFRASTRUCTURE WIRELESS LAN INFRASTRUCTURE WIRELESS LAN FOR ROAMING WIRELESS PCS ADVANCED NETWORK CONFIGURATION AND PLANNING PUBLIC/PRIVATE ACCESS POINT SERVICE T Page Page 2 INSTALLATION REQUIREMENTS P OWER R SAFETY INFORMATION DECIDING WHERE TO PLACE EQUIPMENT AND PERFORMING A SITE SURVEY BEFORE YOU BEGIN C ONNECTING THE STANDARD A CONNECTING POWER USING THE INCLUDED AC ADAPTER USING AN OPTIONAL POWER-OVER ETHERNET INJECTOR USING A POWER-OVER-ETHERNET LAN PORT C HECKING THE LED MOUNTING ON A WALL Page FLAT SURFACE INSTALLATION S ELECTING AND C ONNECTING A D IFFERENT A NTENNA M POWER SETTINGS ON THE ACCESS POINT FOR EXTERNAL ANTENNAS European Community INSTALLING SOFTWARE UTILITIES Page 3 USING THE 3COM WIRELESS DEVICE MANAGER LAUNCHING A WIRELESS DEVICE CONFIGURATION Page USING THE PRE-IP CONFIGURATION WIZARD CONFIGURATION LOGIN SETTING THE COUNTRY CODE BASIC SETUP ADVANCED SETUP I TCP/IP S DHCP C WEB SERVERS SMART MONITOR RADIUS Page A Page Page FILTER CONTROL FILTERING BY VLAN ENABLING VLAN FILTERING SECURITY FILTERS CLIENT LIST TIMEOUT UPLINK PORT MAC ADDRESS FILTERING FILTERING BY ETHERNET PROTOCOL TYPE SNMP Trap Destination TRAP CONFIGURATION SNMP U Trap Description (When the Trap is Sent) Default Groups Default Security Levels G SNMP T SNMP F A WDS/STP S CONFIGURATION GUIDELINES RADIO BRIDGE ROLES BRIDGE ADDRESS ENTRY SCANNING FOR WDS LINKS CONFIGURING SPANNING TREE PROTOCOL SETTINGS Link Configuration SYSTEM LOG S RADIO INTERFACE RADIO SETTINGS VIRTUAL ACCESS POINT (VAP) CONFIGURATION ENABLING VIRTUAL ACCESS POINT (VAP) Page CHANGING RADIO SETTINGS Page S SELECTING A VIRTUAL ACCESS POINT (VAP) CONFIGURING AUTHENTICATION CONFIGURING ENCRYPTION WPA Configuration WEP Configuration HOW TO SETUP THE ACCESS POINT FOR RADIUS HOW TO SETUP THE ACCESS POINT FOR WPA WITH 802.1X SESSION KEYS HOW TO SETUP THE ACCESS POINT FOR WPA WITH PRE-SHARED (PSK) KEY WPA CONFIGURATION FOR WINDOWS XP Page Page 4 Page Symptom Solutions Page REGULATORY COMPLIANCE INFORMATION 3Com Wireless LAN Access Point 7250 (Model WL-455, incorporating WL-463 radio module) General Caution: Exposure to Radio Frequency Radiation US - Radio Frequency Requirements US Federal Communications Commission (FCC) EMC Compliance US Manufacturer's FCC Declaration of Conformity Industry Canada - RF Compliance Industry Canada - Emissions Compliance Statement Avis de Conformit la Rglementation d'Industrie Canada Safety Compliance Notice EU Compliance Page EU - Restrictions for Use in the 2.4GHz band Brazil RF Compliance Page I Numbers A B C F G I L M S T U V W