Manuals / Enterasys Networks / Computer Equipment / Network Router

Enterasys Networks RBT-4102 manual 802.1x Authentication

Models: RBT-4102

1 168
Download 168 pages 49.88 Kb
Page 119
Image 119
–Hexadecimal uses a key made up of a string of 64 hexadecimal numbers.

Security

Supported ‐ allows WPA‐enabled clients and clients only capable of supporting WEP to access the network.

WPA Key Management: You can configure WPA to work in an enterprise environment using IEEE 802.1x and a RADIUS server for user authentication. For smaller networks, you can configure WPA using a common pre‐shared key for client authentication with the access point.

WPA authentication over 802.1x sets this radio interface or VAP to the WPA enterprise mode. This mode uses IEEE 802.1x to authenticate users and to dynamically distribute encryption keys to clients.

WPA Pre‐shared Key sets this radio interface or VAP to the WPA mode for small networks. This mode uses a common password string that is manually distributed. You must configure all wireless clients associated with this radio interface or VAP with the same key. You must specify the key string under the WPA Pre‐Shared Key Type section of the Security Settings page.

Multicast Cipher Mode selects an encryption method for the global key used for multicast and broadcast traffic, which is supported by all wireless clients associated with this radio interface or VAP.

WEP specifies that communicating devices must use the same WEP key to encrypt and decrypt radio signals. WEP has many security flaws, and is not recommended for transmitting highly‐sensitive data.

TKIP provides data encryption enhancements including per‐packet key hashing (that is, changing the encryption key on each packet), a message integrity check, an extended initialization vector with sequencing rules, and a re‐keying mechanism.

AES designated by the National Institute of Standards and Technology as the successor to the Data Encryption Standard (DES) encryption algorithm.

WPA Pre‐shared Key Type specifies the WPA pre‐shared key type and the key for client authentication with this radio interface or VAP. If you use the WPA pre‐shared‐key, you must configure all wireless clients with the same key entered here to communicate with this interface or VAP.

Hexadecimal uses a key made up of a string of 64 hexadecimal numbers.

WPA Pre‐Shared Key specifies the pre‐shared key in the appropriate format for the type of key you selected: a string of 64 hexadecimal numbers, or a string of 8 to 63 alphanumeric characters.

802.1x Authentication:

Wireless clients can be authenticated for network access by checking their MAC address against the local database configured on the access point, or by using the IEEE 802.1x network access authentication protocol to look up their MAC addresses on a RADIUS server. The 802.1x protocol can also be configured to check other user credentials such as a user name and password.

802.1x Setup. IEEE 802.1x is a standard framework for network access control that uses a central RADIUS server for user authentication. This control feature prevents unauthorized access to the network by requiring an 802.1x client application to submit user credentials for authentication. The 802.1x standard uses the Extensible Authentication Protocol (EAP) to pass user credentials (either digital certificates, user names and passwords, or other) from the client to the RADIUS server. Client authentication is then verified on the RADIUS server before the access point grants client access to the network.

RoamAbout RBT-4102 Wireless Access Point Configuration Guide 4-83

Page 118 Page 120
Page 119
Image 119
Enterasys Networks RBT-4102 802.1x Authentication, Hexadecimal uses a key made up of a string of 64 hexadecimal numbers
Page 118 Page 120