AAA Tools for Network Users 447

Table 38 EAP Authentication Protocols for Local Processing (continued)

EAP Type: PEAP-MS-CHAP-V2 (Protected EAP with Microsoft Challenge Handshake Authentication Protocol version 2)

Description: The wireless client authenticates the server (either the WX switch or a RADIUS server) using TLS to set up an encrypted session. Mutual authentication is performed by MS-CHAP-V2.

Use: Wireless and wired authentication:
- The PEAP portion is processed on the WX switch.
- The MS-CHAP-V2 portion is processed on the RADIUS server or locally, depending on the configuration.

Considerations: Only the server side of the connection requires a certificate. The client needs only a username and password.

* EAP-MD5 does not work with Microsoft wired authentication clients.

Ways a WX Switch Can Use EAP

Network users with 802.1X support cannot access the network unless they are authenticated. You can configure a WX switch to authenticate users with EAP on a group of RADIUS servers and/or in a local user database on the WX, or to offload some authentication tasks from the server group. Table 39 details these three basic WX authentication approaches.

(For information about digital certificates, see Chapter 20, “Managing Keys and Certificates,” on page 413.)

Table 39 Three Basic WX Approaches to EAP Authentication

Approach: Pass-through

Description: An EAP session is established directly between the client and RADIUS server, passing through the WX switch. User information resides on the server. All authentication information and certificate exchanges pass through the switch or use client certificates issued by a certificate authority (CA). In this case, the switch does not need a digital certificate, although the client might.

Approach: Local

Description: The WX switch performs all authentication using information in a local user database configured on the switch, or using a client-supplied certificate. No RADIUS servers are required. In this case, the switch needs a digital certificate. If you plan to use the EAP with Transport Layer Security (EAP-TLS) authentication protocol, the clients also need certificates.


WX1200 3CRWX120695A, WX4400 3CRWX440095A, WXR100 3CRWXR10095A, WX2200 3CRWX220095A specifications

The 3Com WX2200 (3CRWX220095A), WX4400 (3CRWX440095A), WX1200 (3CRWX120695A), and WXR100 (3CRWXR10095A) are part of a robust suite of wireless networking solutions offered by 3Com, designed to meet the needs of modern enterprise environments. These devices provide reliable connectivity, flexibility, and scalability, making them ideal for businesses of all sizes.

The 3Com WX2200 is a high-performance wireless switch that supports up to 64 access points, making it suitable for medium to large deployments. It boasts advanced features such as dynamic RF management, which optimizes channel selection and power levels based on real-time network conditions. This ensures maximum coverage and minimizes interference, leading to improved user experiences. Additionally, it supports dual-band operation and can seamlessly integrate with various wireless access points, providing enhanced throughput and robust performance.

The WX4400 is designed for high-density environments and offers extensive scalability. It supports up to 128 access points and is equipped with advanced security features, including WPA2 enterprise encryption and role-based access control. This switch also features intelligent load balancing, allowing it to dynamically distribute user traffic across available access points, thus enhancing overall network efficiency.

The WX1200, positioned as an entry-level solution, is well-suited for small to medium-sized businesses. It offers a user-friendly management interface, allowing IT staff to quickly configure and monitor the network. This device supports a variety of deployment scenarios and can be easily integrated into existing infrastructure. It also comes equipped with essential security features to protect the network from unauthorized access.

The WXR100 complements the series by providing simplified management for access points, ensuring that businesses can easily deploy and maintain their wireless networks. It supports various management protocols and integrates with a variety of third-party systems, enhancing inter-operability. With Power over Ethernet (PoE) support, the WXR100 can deliver power to connected access points, reducing the complexity and costs associated with additional power infrastructure.

Together, these solutions embody 3Com's commitment to delivering high-quality networking products that enhance connectivity and performance. With features such as scalability, advanced security, dynamic load balancing, and centralized management, the WX2200, WX4400, WX1200, and WXR100 form a comprehensive wireless networking ecosystem tailored for today’s enterprise challenges.