802.1x Port Authentication | SMC Networks SMC2555W-AG specs

Command Line Interface

802.1x Port Authentication

The access point supports IEEE 802.1x access control for wireless clients. This control feature prevents unauthorized access to the network by requiring a 802.1x client application to submit user credentials for authentication. Client authentication is then verified via by a RADIUS server using EAP (Extensible Authentication Protocol) before the access point grants client access to the network.

Command	Function	Mode	Page

802.1x	Configures 802.1x as disabled,	GC	6-51
	supported, or required

802.1x	Sets the interval at which the primary	GC	6-52
broadcast-key-	broadcast keys are refreshed for
refresh-rate	stations using 802.1x dynamic keying

802.1x	Sets the interval at which unicast	GC	6-53
session-key-	session keys are refreshed for
refresh-rate	associated stations using dynamic
	keying

802.1x	Sets the timeout after which a	GC	6-54
session-timeout	connected client must be
	re-authenticated

address filter	Sets filtering to allow or deny listed	GC	6-54
default	addresses

address filter	Enters a MAC address in the filter	GC	6-55
entry	table

address filter	Removes a MAC address from the	GC	6-56
delete	filter table

mac-	Sets address filtering to be performed	GC	6-57
authentication	with local or remote options
server

6-50

Image 178

SMC Networks SMC2555W-AG manual 802.1x Port Authentication

Contents

SMC2555W-AG Page Revision Number R02, F3.0.02 Copyright Trademarks Limited Warranty Limited Warranty Federal Communication Commission Interference Statement Wireless 2.4 Ghz and 5 GHz Band StatementsFCC Radiation Exposure Statement Industry Canada Class B Japan Vcci Class B Australia/New Zealand AS/NZS EC Conformance Declaration Compliances Operation Using 5 GHz Channels in the European Community Declaration of Conformity in Languages of the European Viii Community Safety Compliance Power Cord Safety Cord set must be UL-approved and CSA certified France et Pérou uniquement Xii Xiii Xiv Table of Contents Command Line Interface Xvi Xvii Xviii Glossary Index Table of Contents Chapter Introduction Package Checklist Introduction Front Panel Hardware DescriptionHardware Description Rear Panel Component Description LED IndicatorsAntennas Security Slot Console Port Reset ButtonEthernet Port Features and Benefits Features and BenefitsPower Connector Applications Frequently changing environments System Defaults System Defaults MAC System Defaults Iapp 802.11b/g Introduction Hardware Installation Hardware Installation Attaching the Mounting Bracket Hardware Installation Hardware Installation Network Configuration Ad Hoc Wireless LAN no AP or Bridge Network ConfigurationNetwork Topologies Infrastructure Wireless LAN Network Topologies Infrastructure Wireless LAN for Roaming Wireless PCs Seamless Roaming Network Configuration Initial Setup through the CLI Required Connections Initial Configuration Initial Setup through the CLI Initial Configuration Steps Using the Web-based Management Setup Wizard Using the Web-based Management Setup Wizard Initial Configuration Using the Web-based Management Setup Wizard 802.11g Radio Channel Set the operating radio Using the Web-based Management Setup Wizard Initial Configuration System Configuration Advanced Configuration System Configuration Advanced Configuration System Identification Disabled TCP / IP Settings Advanced Configuration System Configuration SMC-APconfig#interface ethernet Radius Advanced Configuration Authentication fails. Range 1-30 Default SMC-APconfig#radius-server address Authentication Advanced Configuration System Configuration Advanced Configuration Local Allowed Secs Filter Control Number Radius Attribute Value Advanced Configuration Native Vlan AP Management Snmp Advanced Configuration SMC-APconfig#snmp-server host 10.1.19.23 alpha Administration Changing the Password SMC-APconfig#username bob SMC-APconfig#password smcadmin Upgrading Firmware System Configuration Advanced Configuration File Size System Log Enabling System Logging Error Level Description Configuring Sntp System Configuration Show sntp command TAIPEI, Beijing Radio Interface Radio Settings 802.11a Radio Interface Normal Mode Turbo Mode Radio Interface Enter Wireless configuration commands, one per line Enabled Radio Settings 802.11g Radio Interface SMC-APif-wireless g#select-antenna-mode right antenna Ssid Security WEP Wired Equivalent Privacy WEP Radio Interface WEP only WEP over Show interface wireless g command PRE Shared KEY Wi-Fi Protected Access WPA System Configuration Radio Interface System Configuration WPA pre-shared key only WPA over Show interface wireless a or show interface wireless g Command not shown in example Status Information Access Point StatusStatus Information System Configuration Days, 4 hours, 39 minutes Station Status True Event Logs 192.168.1.19 System Configuration Accessing the CLI Using the Command Line InterfaceConsole Connection Command Line Interface Telnet Connection Entering Commands Entering CommandsKeywords and Arguments Showing Commands Command CompletionGetting Help on Commands Minimum Abbreviation Partial Keyword Lookup Using Command History Negating the Effect of CommandsUnderstanding Command Modes Exec Commands Configuration Commands Command Line Processing Keystroke Function Entering Commands Command Groups Command Description Group General Commands General CommandsConfigure End Exit Ping Command UsageSyntax Syntax Reset board configuration ResetShow history Console port settings are fixed at the values shown below Show line System Management Commands Command Function Mode System Management Commands System Clock Country Country countrycode SMC-AP#country ie Syntax Prompt string no prompt PromptSystem name Syntax System name name no system name Username Syntax Username name Ip http port PasswordSyntax Password password no password Syntax Ip http port port-numberno ip http port Syntax Ip http server no ip http server Default Setting Ip http server Logging on Syntax Logging on no logging on Default SettingLogging host Syntax Logging console no logging console Default Setting Logging console Logging level Level Argument Description Logging facility-type Default Setting Command ModeSyntax Show logging Command Mode Show logging Sntp-server ip Syntax Sntp-server ip 1 2 ip Sntp-server enable Sntp-server date-time This example sets the system clock to 1737 June 19 Sntp-server daylight-saving Show sntp Sntp-server timezoneSyntax Sntp-server timezone hours Show system Show version Snmp Commands Snmp CommandsSnmp-server community Snmp-server contact Syntax Snmp-server contact string no snmp-server contact Snmp-server enable server Snmp-server host No snmp-server host Snmp-server location Syntax Snmp-server location text no snmp-server location Flash/File Commands Show snmp Bootfile Flash/File CommandsSyntax Bootfile filename Syntax Copy ftp tftp file copy config ftp tftp Copy Delete Dir File information is shown below Radius Client Radius Client Radius-server port Radius-server addressSyntax Radius-server secondary port portnumber Syntax Radius-server secondary key keystring Radius-server keyRadius-server retransmit Syntax Radius-server secondary retransmit numberofretries Radius-server timeout Syntax Radius-server secondary timeout numberofseconds Show radius 802.1x Port Authentication 802.1x 802.1x Port AuthenticationSyntax 802.1x supported required no 802.1x broadcast-key-refresh-rate Syntax 802.1x broadcast-key-refresh-rate rate 802.1x session-key-refresh-rate Syntax 802.1x session-key-refresh-rate rate Default 802.1x session-timeoutAddress filter default Syntax Address filter default allowed denied Address filter entry Syntax Address filter entry mac-addressallowed denied Address filter delete Syntax Address filter delete mac-address Mac-authentication server Syntax Mac-authentication server local remote Mac-authentication session-timeout Syntax Mac-authentication session-timeout seconds Show authentication Syntax Filter local-bridge no filter local-bridge Default Filtering CommandsFilter local-bridge Syntax Filter ap-manage no filter ap-manage Default Filtering CommandsFilter ap-manage Filter ethernet-type enable Filter ethernet-type protocol Interface Commands Show filters Interface Commands IC-W Transmit-power Interface Syntax Interface ethernet wireless a gDns server Ip address This example specifies two domain-name servers IP address Netmask Syntax Ip dhcp no ip dhcp Default Setting Ip dhcp Show interface ethernet Syntax Shutdown no shutdown Default SettingShutdown Syntax Show interface ethernet Radio-mode Syntax Radio-mode b g b+g Select-antenna-mode Syntax Select-antenna-mode diversity right antenna Ssid-broadcast Syntax Ssid-broadcast no ssid-broadcast Default SettingDescription Syntax Description string no description Speed Syntax Speed speed Channel Syntax Channel channel auto Turbo Beacon-interval SsidSyntax Beacon-interval interval Dtim-period Syntax Dtim-period interval Fragmentation-length Default Setting 2346 Command ModeSyntax Fragmentation-length length Rts-threshold Syntax Rts-threshold threshold Syntax Authentication open shared Encryption Key Key index size type value no key index Transmit-key Syntax Transmit-key index Transmit-power Transmit-powersignal-strength Max-association Syntax Max-association count Multicast-cipher Syntax Multicast-cipher AES Tkip WEP Wpa-clients Syntax Wpa-clients required supported Enhanced Data Encryption through Tkip Wpa-mode Syntax Wpa-mode dynamic pre-shared-key Wpa-preshared-key Syntax Wpa-preshared-key type value Wpa-psk-type Syntax Wpa-psk-type type Show interface wireless Syntax Show interface wireless a g Ssid SMC Show station Syntax Iapp no iapp Default Iapp CommandsIapp Vlan Commands Vlan Commands Command Description Syntax Vlan enable no vlan DefaultVlan Native-vlanid Syntax Native-vlanid vlan-id 102 Appendix a Troubleshooting Troubleshooting Troubleshooting Maximum Distance Table Important Notice Appendix B Cables and Pinouts Twisted-Pair Cable Assignments Cables and Pinouts 10/100BASE-TX Pin Assignments Crossover Wiring Straight-Through WiringTwisted-Pair Cable Assignments Wiring Map for Serial Cable Console Port Pin Assignments Serial Cable Signal Directions for DB-25 Ports Serial Cable Signal Directions for DB-9 PortsConsole Port Pin Assignments Cables and Pinouts General Specifications Specifications General Specifications Sensitivity Ieee 802.11a Sensitivity GHz dBm Modulation/Rates Transmit Power Specifications Ad Hoc Access PointAuthentication Advanced Encryption Standard AES Glossary Ethernet Extended Service Set ESSExtensible Authentication Protocol EAP File Transfer Protocol FTP Ieee 802.11g Inter Access Point Protocol IappIeee 802.11b Ieee Open System Power over Ethernet PoENetwork Time Protocol NTP Orthogonal Frequency Division Multiplexing Odfm Shared Key Service Set Identifier SsidSession Key Simple Network Management Protocol Snmp Virtual LAN Vlan Wi-Fi Protected AccessTrivial File Transfer Protocol Tftp WPA Pre-shared Key PSK Glossary-8 Index Index Index-3 Index-4 Page For Technical SUPPORT, Call