Manuals / Brands / Computer Equipment / Network Router / Fortress Technologies / Computer Equipment / Network Router

Fortress Technologies ecure Wireless Access Bridge 802.1X Security, WPA, WPA2 and WPA-Mixed Security

1 144

Download 144 pages, 5.09 Mb

Fortress Bridge: Configuration

33

WEP Key Type - WEP keys can be composed of an ASCII

(plaintext) passphrase or hexadecimal string. Hex is the default.

WEP Keys 1–4 - You must manually enter at least one static

key to be used in Open WEP and Shared WEP transactions,

within the specifications you set in the two fields above, which

determine the usable key lengths for these fields.

Use the radio button to select the default transmit key: the key

to be used when transmitting multicast/broadcast messages on

the network.

802.1X Security

802.1X security uses WEP encryption with dynamically

generated keys rather than static keys for encryption.

The dynamic keys used when you select a Security Suite of

802.1X are generated and exchanged automatically at user-

specified intervals. This interval is the only additional setting

required for 802.1X security. Specify the interval in seconds in

the 802.1X Rekey Period field. Whole numbers between 0 and

99999, inclusive, are allowed. A value of 0 (zero), disables the

rekeying function; the keys used by connecting devices will

remain unchanged for the duration of their sessions.

WPA, WPA2 and WPA-Mixed Security

WPA (Wi-Fi Protected Access) and WPA2 are the enterprise

modes of these two WPA types (as distinguished from the pre-

shared key modes described below).

You can specify that WPA or WPA2 be used exclusively on a

given VAP, or you can configure a single VAP to be able to use

either (by selecting WPA-Mixed), depending on the WPA type in

use by the connecting device.

Table 3.2. Usable WEP Key Lengths

bit-length in hex in ASCII

104-bit 13 digits 7 characters

40-bit 10 digits 5 characters

detail:

Contents

Main Page Fortress Bridge i Page Table of Contents 1 Introduction 1 2 Installation 6 Indoor Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 3 Configuration 21 The Bridge GUI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 LAN Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 Radio Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 4 Administration 52 5 Monitoring and Diagnostics 68 6 Command-Line Interface 80 Administration in the Bridge CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 Monitoring and Diagnostics in the CLI . . . . . . . . . . . . . . . . . . . . . .101 WLAN Wireless Extension Tools . . . . . . . . . . . . . . . . . . . . . . . . . .104 Page Chapter 1 Introduction 1.1 Fortress Secure Wireless Access Bridge 1.1.1 Management Interfaces 1.2 Network Security Overview 1.3 The Fortress Security System 1.3.1 Multi-factor Authentication 1.3.2 Strong Encryption at the MAC Layer 1.3.3 System Components 1.3.4 Operating Modes Page 1.4 This Document 1.4.1 Document Conventions 1.4.2 Related Documents Chapter 2 Installation 2.1 Introduction 2.1.1 System Requirements 2.1.2 Compatibility 2.2 Preparation 2.2.1 Shipped and Optional Parts Page Page Page 2.3 Installation Instructions 2.4 Outdoor Installation 2.4.1 Connecting the Bridge for Preconfiguration 2.4.2 Preconfiguring the Bridge for Outdoor Operation Page Page Page 2.4.3 Weatherizing the Bridge To install the Weatherizing Kit: Page 2.4.4 Mast Mounting the Bridge To install the Mast-Mounting Kit: 2.4.5 Reconnecting the Bridge for Outdoor Operation 2.5 Indoor Installation 2.5.1 Connecting the Bridge for Indoor Operation 2.5.2 Configuring the Bridge for Indoor Operation Chapter 3 Configuration 3.1 The Bridge GUI 3.1.1 User Accounts 3.1.2 Accessing the GUI To access the Bridge GUI: 3.2 LAN Settings 3.2.1 Spanning Tree Protocol 3.2.2 WAN Port Encryption To reconfigure Bridge LAN settings: 3.3 Radio Settings 3.3.1 Radio State, Band and Mode Settings 3.3.2 Radio Transmission and Reception Settings Page Page 3.3.3 Configuring Basic Radio Settings 3.3.4 Virtual Radio Interface Settings Page Page Cleartext Security Fortress Security Open WEP and Shared WEP 802.1X Security WPA, WPA2 and WPA-Mixed Security WPA-PSK, WPA2-PSK and WPA-Mixed-PSK Security 3.4 802.1X Server and LAN Port Settings 3.4.1 802.1X Authentication Server To configure the Bridge for use with an external 802.1X authentication server: 3.4.2 LAN Port 802.1X Settings 3.5 Bridge Passwords Page 3.6.1 Operating Mode To change the Bridge operating mode: 3.6.2 Secure Shell Access To configure SSH access to the Bridge CLI: 3.6.3 Encryption Algorithm To change the Bridge encryption algorithm: 3.6.4 Re-keying Interval To change the Bridges re-keying interval: 3.6.5 Access ID To change the Bridges Access ID 3.6.6 Non-802.1X Authentication Global and Default Settings To enable/disable all authentication: To configure an external RADIUS server: To enable/disable device authentication: To configure maximum authentication attempts: To enable/disable user session timeout login prompts: To configure default idle and session timeouts for authenticated users: To configure the default user authentication and device state for authenticating devices: 3.7 Blackout Mode To enable/disable blackout mode: 3.8 System Date and Time To change the date and time on the Bridge: 3.9 Restoring Default Settings 3.10 Front-Panel Operation 3.10.1 Mode Selection from the Front Panel Page 3.10.2 Rebooting the Bridge from the Front Panel 3.10.3 Restoring Defaults from the Front Panel Chapter 4 Administration 4.1 Device Authentication 4.1.1 Maximum Device Authentication Retries 4.1.1 Default Device Authentication Settings 4.1.2 Individual Device Authentication Settings To edit a device: To delete one or more devices: 4.2 User Authentication 4.2.1 Maximum User Authentication Retries 4.2.1 Default User Authentication Settings 4.2.2 Individual User Authentication Settings To add a user: To edit a user account: To delete a user account: 4.3 Trusted Devices 4.3.1 Adding Trusted Devices To add a Trusted Device: 4.3.1 Editing Trusted Devices 4.3.2 Deleting Trusted Devices 4.3.3 Visitor Access through Trusted Devices 4.4 SNMP Settings 4.4.1 Configuring SNMP 4.5 Backing Up and Restoring Page 4.5.1 Backing Up the Bridge Configuration 4.5.2 Restoring from a Backup File 4.6 Software Versions and Upgrades 4.6.1 Viewing Current Software Version 4.6.2 Upgrading Bridge Software Page 4.7 Rebooting the Bridge Page 5.1.1 Traffic Statistics 5.1.2 Interface Statistics 5.1.3 Radio Statistics 5.2 Tracking Page 5.3 AP Associations 5.4 View Log Page 5.5 Diagnostics 5.5.1 Pinging a Device 5.5.2 Tracing a Packet Route 5.5.3 Flushing the Host MAC Database 5.5.4 Generating a Diagnostics File Page can exhibit: 5.6.2 Radio LEDs The upper LED can exhibit: The lower LED can exhibit: Both upper and lower LEDs can exhibit: All four Radio LEDs can exhibit: 5.6.3 Port LEDs Chapter 6 Command-Line Interface 6.1 Introduction 6.1.1 CLI Administrative Modes 6.1.2 Accessing the CLI through the Serial Port 6.1.3 Accessing the CLI Remotely 6.1.4 Logging On and Off the CLI 6.2 Getting Help in the CLI 6.3 Command Syntax 6.4 Configuration in the Bridge CLI 6.4.1 LAN Settings in the CLI 6.4.2 Spanning Tree Protocol in the CLI associated with the Bridges antenna port 1 (ANT1), while , at which point the Bridge Mode option will be inserted dynamically, as shown below. Page Page Page 6.4.4 Bridge Passwords in the CLI 6.4.5 Security Settings in the CLI Page Page Page 6.4.6 System Date and Time in the CLI 6.4.7 Restoring Default Settings in the CLI 6.4.8 Non-802.1X Authentication Settings in the CLI Page 6.4.9 802.1X Authentication Settings in the CLI Page 6.5 Administration in the Bridge CLI 6.5.1 Trusted Devices in the CLI 6.5.2 SNMP Settings in the CLI 6.5.3 Viewing the Software Version in the CLI 6.5.4 Restarting the Bridge in the CLI 6.6 Monitoring and Diagnostics in the CLI 6.6.1 Viewing a Summary Overview of the Bridge 6.6.2 Viewing System Uptime in the CLI 6.6.3 Partners Tracking in the CLI 6.6.4 Host Tracking in the CLI 6.6.5 AP Associations in the CLI 6.6.6 Viewing the System Log in the CLI 6.6.7 Pinging a Device 6.6.8 Tracing a Packet Route 6.7 WLAN Wireless Extension Tools 6.7.1 Creating a Wireless Extension Tools Script 6.8 Secure Automatic Configuration 6.8.1 Preconfiguring a New Network Deployment with SAC Page Page 6.8.2 Reconfiguring Network Settings with SAC Page 6.8.3 Adding and Deleting Network Bridges with SAC Page Page Fortress Bridge: Fortress Security System Overview 114 Chapter 7 Specifications 7.1 Hardware Specifications 7.1.3 Environmental 7.1.1 Performance 7.1.2 Physical Fortress Bridge: Fortress Security System Overview 7.2 RJ-45-to-DB9 Console Port Adapter Logical Interface Physical Interface Page Chapter 8 Troubleshooting Page Index Page Page Page Page Page Page Page Page Glossary Rijndael algorithm Fortress Secure Wireless Access Bridge Fortress Secure Client Fortress Security Controller Layer 2 OSI Layer 2 Data Link Layer fails over SCB Fortress Security Gateway Bridge Fortress Page Information Technologies Access ID packet Fortress Secure Client Bridge Fortress Secure Client Fortress Security Gateway Fortress Secure Client Bridge