Radio Interface 6

CLI Commands for WPA Over 802.1X Security – First set 802.1X to required using the 802.1X command and set the 802.1X key refresh rates. Then 802.11g interface configuration mode, use the vap command to access each VAP interface to configure other security settings.

From the VAP interface configuration mode, use the authentication command to select open system authentication and the encryption command to enable data encryption. Use the wpa-clientscommand to set WPA to be required or supported for clients. Use the wpa-modecommand to enable WPA dynamic keys over 802.1X. Set the broadcast and multicast key encryption using the multicast-ciphercommand. To view the current security settings use the show interface wireless g 0 command (not shown in example).

Enterprise AP(config)#interface wireless g

7-88

Enter Wireless configuration

commands, one per line.

 

Enterprise AP(if-wireless g)#vap 0

 

Enterprise AP(if-wireless g: VAP[0])#802.required

7-65

Enterprise AP(if-wireless g: VAP[0])#802.1X

 

broadcast-key-refresh-rate 5

7-66

Enterprise AP(if-wireless g: VAP[0])#802.1X

 

session-key-refresh-rate 5

 

7-67

Enterprise AP(if-wireless g: VAP[0])#802.1X session-timeout 300

7-67

Enterprise AP(if-wireless g: VAP[0])#authentication open

7-117

Enterprise AP(if-wireless g: VAP[0])#encryption

7-116

Enterprise AP(if-wireless g: VAP[0])#wpa-clients required

7-121

Enterprise AP(if-wireless g: VAP[0])#multicast-cipher TKIP

7-119

Enterprise AP(if-wireless g: VAP[0])#

 

 

 

 

Configuring 802.1X

IEEE 802.1X is a standard framework for network access control that uses a central RADIUS server for user authentication. This control feature prevents unauthorized access to the network by requiring an 802.1X client application to submit user credentials for authentication. The 802.1X standard uses the Extensible Authentication Protocol (EAP) to pass user credentials (either digital certificates, user names and passwords, or other) from the client to the RADIUS server. Client authentication is then verified on the RADIUS server before the access point grants client access to the network.

The 802.1X EAP packets are also used to pass dynamic unicast session keys and static broadcast keys to wireless clients. Session keys are unique to each client and are used to encrypt and correlate traffic passing between a specific client and the access point. You can also enable broadcast key rotation, so the access point provides a dynamic broadcast key and changes it at a specified interval.

6-79

Page 126
Image 126
SMC Networks SMC2552W-G2-17 manual Configuring

SMC2552W-G2-17, SMC2552W-G2 specifications

The SMC Networks SMC2552W-G2 and SMC2552W-G2-17 are advanced wireless access points designed for a range of networking environments, offering robust features suited to both home and business applications. These devices are known for their reliable performance, making them a popular choice for those seeking to enhance network connectivity and coverage.

One of the primary features of the SMC2552W-G2 is its dual-band capability, operating on both the 2.4 GHz and 5 GHz frequency bands. This versatility allows users to take advantage of the high capacity of the 5 GHz band, which is less congested and ideal for activities that require substantial bandwidth, such as streaming and online gaming. The 2.4 GHz band, on the other hand, provides better penetration through walls and is more suitable for basic browsing and mobile device connectivity.

Another significant characteristic is the device's support for the 802.11n Wi-Fi standard, which enables data rates of up to 300 Mbps. This standard ensures a fast and stable wireless connection, facilitating a seamless online experience for multiple devices simultaneously. The integration of MIMO (Multiple Input Multiple Output) technology further enhances the performance, allowing for multiple data streams to be transmitted and received, significantly increasing throughput and range.

The SMC2552W-G2 series also boasts advanced security features, including WPA/WPA2 encryption and support for 802.1X authentication. These security protocols provide robust protection against unauthorized access and ensure that data transmitted over the network remains secure.

In terms of management, these access points offer both web-based and SNMP (Simple Network Management Protocol) interfaces, enabling users to easily configure and monitor the network settings. This user-friendly interface simplifies the process of overseeing network performance and troubleshooting issues when they arise.

The SMC2552W-G2 and SMC2552W-G2-17 are designed for easy installation, whether as stand-alone units or as part of a larger network. Their compact design allows for flexible mounting options, making them suitable for various environments.

In summary, the SMC Networks SMC2552W-G2 and SMC2552W-G2-17 provide an excellent combination of speed, security, and ease of management, making them ideal solutions for enhancing wireless connectivity in both home and office settings. Their dual-band functionality, compliance with the latest Wi-Fi standards, and comprehensive security measures ensure a reliable and efficient networking experience.