Wi-Fi Protected Access WPA | SMC Networks SMC2555W-AG manual

Radio Interface

Wi-Fi Protected Access (WPA)

WPA employs a combination of several technologies to provide an enhanced security solution for 802.11 wireless networks.

The SMC2555W-AG supports the following WPA components and features:

IEEE 802.1x and the Extensible Authentication Protocol (EAP): WPA employs 802.1x as its basic framework for user authentication and dynamic key management. The 802.1x client and RADIUS server should use an appropriate EAP type—such as EAP-TLS (Transport Layer Security), EAP-TTLS (Tunneled TLS), or PEAP (Protected EAP)—for strongest authentication. Working together, these protocols provide “mutual authentication” between a client, the access point, and a RADIUS server that prevents users from accidentally joining a rogue network. Only when a RADIUS server has authenticated a user’s credentials will encryption keys be sent to the access point and client.

5-57

Image 115

SMC Networks SMC2555W-AG manual Wi-Fi Protected Access WPA

Contents

SMC2555W-AG Page Revision Number R02, F3.0.02 Trademarks Copyright Limited Warranty Limited Warranty Federal Communication Commission Interference Statement Wireless 2.4 Ghz and 5 GHz Band StatementsFCC Radiation Exposure Statement Japan Vcci Class B Australia/New Zealand AS/NZS Industry Canada Class B EC Conformance Declaration Compliances Declaration of Conformity in Languages of the European Operation Using 5 GHz Channels in the European Community Community Viii Power Cord Safety Safety Compliance Cord set must be UL-approved and CSA certified France et Pérou uniquement Xii Xiii Xiv Table of Contents Xvi Command Line Interface Xvii Xviii Glossary Index Table of Contents Chapter Introduction Introduction Package Checklist Rear Panel Hardware DescriptionHardware Description Front Panel Component Description LED IndicatorsAntennas Security Slot Console Port Reset ButtonEthernet Port Features and Benefits Features and BenefitsPower Connector Frequently changing environments Applications System Defaults System Defaults MAC System Defaults Iapp 802.11b/g Introduction Hardware Installation Attaching the Mounting Bracket Hardware Installation Hardware Installation Hardware Installation Network Configuration Ad Hoc Wireless LAN no AP or Bridge Network ConfigurationNetwork Topologies Network Topologies Infrastructure Wireless LAN Infrastructure Wireless LAN for Roaming Wireless PCs Seamless Roaming Network Configuration Required Connections Initial Setup through the CLI Initial Configuration Initial Configuration Steps Initial Setup through the CLI Using the Web-based Management Setup Wizard Using the Web-based Management Setup Wizard Initial Configuration Using the Web-based Management Setup Wizard 802.11g Radio Channel Set the operating radio Using the Web-based Management Setup Wizard Initial Configuration System Configuration System Configuration Advanced Configuration Advanced Configuration System Identification Disabled TCP / IP Settings Advanced Configuration System Configuration SMC-APconfig#interface ethernet Radius Advanced Configuration Authentication fails. Range 1-30 Default SMC-APconfig#radius-server address Authentication Advanced Configuration System Configuration Advanced Configuration Local Allowed Secs Filter Control Number Radius Attribute Value Advanced Configuration Native Vlan AP Management Snmp Advanced Configuration SMC-APconfig#snmp-server host 10.1.19.23 alpha Changing the Password Administration SMC-APconfig#username bob SMC-APconfig#password smcadmin Upgrading Firmware System Configuration Advanced Configuration File Size Enabling System Logging System Log Error Level Description Configuring Sntp System Configuration TAIPEI, Beijing Show sntp command Radio Interface Radio Interface Radio Settings 802.11a Normal Mode Turbo Mode Radio Interface Enter Wireless configuration commands, one per line Enabled Radio Settings 802.11g Radio Interface SMC-APif-wireless g#select-antenna-mode right antenna Ssid Security WEP Wired Equivalent Privacy WEP Radio Interface WEP only WEP over Show interface wireless g command PRE Shared KEY Wi-Fi Protected Access WPA System Configuration Radio Interface System Configuration WPA pre-shared key only WPA over Command not shown in example Show interface wireless a or show interface wireless g Status Information Access Point StatusStatus Information System Configuration Days, 4 hours, 39 minutes Station Status True Event Logs 192.168.1.19 System Configuration Accessing the CLI Using the Command Line InterfaceConsole Connection Telnet Connection Command Line Interface Entering Commands Entering CommandsKeywords and Arguments Minimum Abbreviation Command CompletionGetting Help on Commands Showing Commands Partial Keyword Lookup Using Command History Negating the Effect of CommandsUnderstanding Command Modes Configuration Commands Exec Commands Keystroke Function Command Line Processing Entering Commands Command Description Group Command Groups General Commands General CommandsConfigure Exit End Ping Command UsageSyntax Syntax Reset board configuration ResetShow history Show line Console port settings are fixed at the values shown below Command Function Mode System Management Commands System Clock System Management Commands Country countrycode Country SMC-AP#country ie Syntax System name name no system name PromptSystem name Syntax Prompt string no prompt Syntax Username name Username Syntax Ip http port port-numberno ip http port PasswordSyntax Password password no password Ip http port Ip http server Syntax Ip http server no ip http server Default Setting Logging on Syntax Logging on no logging on Default SettingLogging host Logging console Syntax Logging console no logging console Default Setting Level Argument Description Logging level Show logging Default Setting Command ModeSyntax Show logging Command Mode Logging facility-type Syntax Sntp-server ip 1 2 ip Sntp-server ip Sntp-server enable This example sets the system clock to 1737 June 19 Sntp-server date-time Sntp-server daylight-saving Show sntp Sntp-server timezoneSyntax Sntp-server timezone hours Show system Show version Snmp Commands Snmp CommandsSnmp-server community Syntax Snmp-server contact string no snmp-server contact Snmp-server contact Snmp-server enable server No snmp-server host Snmp-server host Syntax Snmp-server location text no snmp-server location Snmp-server location Show snmp Flash/File Commands Bootfile Flash/File CommandsSyntax Bootfile filename Copy Syntax Copy ftp tftp file copy config ftp tftp Delete File information is shown below Dir Radius Client Radius Client Radius-server port Radius-server addressSyntax Radius-server secondary port portnumber Syntax Radius-server secondary retransmit numberofretries Radius-server keyRadius-server retransmit Syntax Radius-server secondary key keystring Syntax Radius-server secondary timeout numberofseconds Radius-server timeout Show radius 802.1x Port Authentication 802.1x 802.1x Port AuthenticationSyntax 802.1x supported required no Syntax 802.1x broadcast-key-refresh-rate rate 802.1x broadcast-key-refresh-rate Syntax 802.1x session-key-refresh-rate rate 802.1x session-key-refresh-rate Syntax Address filter default allowed denied 802.1x session-timeoutAddress filter default Default Syntax Address filter entry mac-addressallowed denied Address filter entry Syntax Address filter delete mac-address Address filter delete Syntax Mac-authentication server local remote Mac-authentication server Syntax Mac-authentication session-timeout seconds Mac-authentication session-timeout Show authentication Syntax Filter local-bridge no filter local-bridge Default Filtering CommandsFilter local-bridge Syntax Filter ap-manage no filter ap-manage Default Filtering CommandsFilter ap-manage Filter ethernet-type enable Filter ethernet-type protocol Show filters Interface Commands Interface Commands IC-W Transmit-power Interface Syntax Interface ethernet wireless a gDns server This example specifies two domain-name servers Ip address IP address Netmask Ip dhcp Syntax Ip dhcp no ip dhcp Default Setting Syntax Show interface ethernet Syntax Shutdown no shutdown Default SettingShutdown Show interface ethernet Syntax Radio-mode b g b+g Radio-mode Syntax Select-antenna-mode diversity right antenna Select-antenna-mode Syntax Description string no description Syntax Ssid-broadcast no ssid-broadcast Default SettingDescription Ssid-broadcast Syntax Speed speed Speed Syntax Channel channel auto Channel Turbo Beacon-interval SsidSyntax Beacon-interval interval Syntax Dtim-period interval Dtim-period Fragmentation-length Default Setting 2346 Command ModeSyntax Fragmentation-length length Syntax Rts-threshold threshold Rts-threshold Syntax Authentication open shared Encryption Key index size type value no key index Key Syntax Transmit-key index Transmit-key Transmit-powersignal-strength Transmit-power Syntax Max-association count Max-association Syntax Multicast-cipher AES Tkip WEP Multicast-cipher Syntax Wpa-clients required supported Wpa-clients Enhanced Data Encryption through Tkip Syntax Wpa-mode dynamic pre-shared-key Wpa-mode Syntax Wpa-preshared-key type value Wpa-preshared-key Syntax Wpa-psk-type type Wpa-psk-type Syntax Show interface wireless a g Show interface wireless Ssid SMC Show station Syntax Iapp no iapp Default Iapp CommandsIapp Vlan Commands Vlan Commands Command Description Syntax Vlan enable no vlan DefaultVlan Syntax Native-vlanid vlan-id Native-vlanid 102 Appendix a Troubleshooting Troubleshooting Troubleshooting Important Notice Maximum Distance Table Twisted-Pair Cable Assignments Appendix B Cables and Pinouts 10/100BASE-TX Pin Assignments Cables and Pinouts Crossover Wiring Straight-Through WiringTwisted-Pair Cable Assignments Console Port Pin Assignments Wiring Map for Serial Cable Serial Cable Signal Directions for DB-25 Ports Serial Cable Signal Directions for DB-9 PortsConsole Port Pin Assignments Cables and Pinouts General Specifications Specifications General Specifications Ieee 802.11a Sensitivity GHz dBm Modulation/Rates Sensitivity Transmit Power Specifications Advanced Encryption Standard AES Access PointAuthentication Ad Hoc Glossary File Transfer Protocol FTP Extended Service Set ESSExtensible Authentication Protocol EAP Ethernet Ieee Inter Access Point Protocol IappIeee 802.11b Ieee 802.11g Orthogonal Frequency Division Multiplexing Odfm Power over Ethernet PoENetwork Time Protocol NTP Open System Simple Network Management Protocol Snmp Service Set Identifier SsidSession Key Shared Key WPA Pre-shared Key PSK Wi-Fi Protected AccessTrivial File Transfer Protocol Tftp Virtual LAN Vlan Glossary-8 Index Index Index-3 Index-4 Page For Technical SUPPORT, Call