Enhanced Data Encryption through Tkip | SMC Networks SMC2555W-AG

Interface Commands

Command Usage

Wi-Fi Protected Access (WPA) provides improved data encryption, which was weak in WEP, and user authentication, which was largely missing in WEP. WPA uses the following security mechanisms.

Enhanced Data Encryption through TKIP

WPA uses Temporal Key Integrity Protocol (TKIP). TKIP provides data encryption enhancements including per-packet key hashing (i.e., changing the encryption key on each packet), a message integrity check, an extended initialization vector with sequencing rules, and a re-keying mechanism.

Enterprise-level User Authentication via 802.1x and EAP

To strengthen user authentication, WPA uses 802.1x and the Extensible Authentication Protocol (EAP). Used together, these protocols provide strong user authentication via a central RADIUS authentication server that authenticates each user on the network before they join it. WPA also employs “mutual authentication” to prevent a wireless client from accidentally joining a rogue network.

Example

SMC-AP(if-wireless g)#wpa-client required

SMC-AP(if-wireless g)#

Related Commands

wpa-mode (page 6-92)

6-91

Image 219

SMC Networks SMC2555W-AG manual Enhanced Data Encryption through Tkip

Contents

SMC2555W-AG Page Revision Number R02, F3.0.02 Trademarks Copyright Limited Warranty Limited Warranty Wireless 2.4 Ghz and 5 GHz Band Statements Federal Communication Commission Interference StatementFCC Radiation Exposure Statement Japan Vcci Class B Australia/New Zealand AS/NZS Industry Canada Class B EC Conformance Declaration Compliances Declaration of Conformity in Languages of the European Operation Using 5 GHz Channels in the European Community Community Viii Power Cord Safety Safety Compliance Cord set must be UL-approved and CSA certified France et Pérou uniquement Xii Xiii Xiv Table of Contents Xvi Command Line Interface Xvii Xviii Glossary Index Table of Contents Chapter Introduction Introduction Package Checklist Rear Panel Hardware DescriptionHardware Description Front Panel LED Indicators Component DescriptionAntennas Security Slot Reset Button Console PortEthernet Port Features and Benefits Features and BenefitsPower Connector Frequently changing environments Applications System Defaults System Defaults MAC System Defaults Iapp 802.11b/g Introduction Hardware Installation Attaching the Mounting Bracket Hardware Installation Hardware Installation Hardware Installation Network Configuration Network Configuration Ad Hoc Wireless LAN no AP or BridgeNetwork Topologies Network Topologies Infrastructure Wireless LAN Infrastructure Wireless LAN for Roaming Wireless PCs Seamless Roaming Network Configuration Required Connections Initial Setup through the CLI Initial Configuration Initial Configuration Steps Initial Setup through the CLI Using the Web-based Management Setup Wizard Using the Web-based Management Setup Wizard Initial Configuration Using the Web-based Management Setup Wizard 802.11g Radio Channel Set the operating radio Using the Web-based Management Setup Wizard Initial Configuration System Configuration System Configuration Advanced Configuration Advanced Configuration System Identification Disabled TCP / IP Settings Advanced Configuration System Configuration SMC-APconfig#interface ethernet Radius Advanced Configuration Authentication fails. Range 1-30 Default SMC-APconfig#radius-server address Authentication Advanced Configuration System Configuration Advanced Configuration Local Allowed Secs Filter Control Number Radius Attribute Value Advanced Configuration Native Vlan AP Management Snmp Advanced Configuration SMC-APconfig#snmp-server host 10.1.19.23 alpha Changing the Password Administration SMC-APconfig#username bob SMC-APconfig#password smcadmin Upgrading Firmware System Configuration Advanced Configuration File Size Enabling System Logging System Log Error Level Description Configuring Sntp System Configuration TAIPEI, Beijing Show sntp command Radio Interface Radio Interface Radio Settings 802.11a Normal Mode Turbo Mode Radio Interface Enter Wireless configuration commands, one per line Enabled Radio Settings 802.11g Radio Interface SMC-APif-wireless g#select-antenna-mode right antenna Ssid Security WEP Wired Equivalent Privacy WEP Radio Interface WEP only WEP over Show interface wireless g command PRE Shared KEY Wi-Fi Protected Access WPA System Configuration Radio Interface System Configuration WPA pre-shared key only WPA over Command not shown in example Show interface wireless a or show interface wireless g Access Point Status Status InformationStatus Information System Configuration Days, 4 hours, 39 minutes Station Status True Event Logs 192.168.1.19 System Configuration Using the Command Line Interface Accessing the CLIConsole Connection Telnet Connection Command Line Interface Entering Commands Entering CommandsKeywords and Arguments Minimum Abbreviation Command CompletionGetting Help on Commands Showing Commands Partial Keyword Lookup Negating the Effect of Commands Using Command HistoryUnderstanding Command Modes Configuration Commands Exec Commands Keystroke Function Command Line Processing Entering Commands Command Description Group Command Groups General Commands General CommandsConfigure Exit End Command Usage PingSyntax Reset Syntax Reset board configurationShow history Show line Console port settings are fixed at the values shown below Command Function Mode System Management Commands System Clock System Management Commands Country countrycode Country SMC-AP#country ie Syntax System name name no system name PromptSystem name Syntax Prompt string no prompt Syntax Username name Username Syntax Ip http port port-numberno ip http port PasswordSyntax Password password no password Ip http port Ip http server Syntax Ip http server no ip http server Default Setting Syntax Logging on no logging on Default Setting Logging onLogging host Logging console Syntax Logging console no logging console Default Setting Level Argument Description Logging level Show logging Default Setting Command ModeSyntax Show logging Command Mode Logging facility-type Syntax Sntp-server ip 1 2 ip Sntp-server ip Sntp-server enable This example sets the system clock to 1737 June 19 Sntp-server date-time Sntp-server daylight-saving Sntp-server timezone Show sntpSyntax Sntp-server timezone hours Show system Show version Snmp Commands Snmp CommandsSnmp-server community Syntax Snmp-server contact string no snmp-server contact Snmp-server contact Snmp-server enable server No snmp-server host Snmp-server host Syntax Snmp-server location text no snmp-server location Snmp-server location Show snmp Flash/File Commands Flash/File Commands BootfileSyntax Bootfile filename Copy Syntax Copy ftp tftp file copy config ftp tftp Delete File information is shown below Dir Radius Client Radius Client Radius-server address Radius-server portSyntax Radius-server secondary port portnumber Syntax Radius-server secondary retransmit numberofretries Radius-server keyRadius-server retransmit Syntax Radius-server secondary key keystring Syntax Radius-server secondary timeout numberofseconds Radius-server timeout Show radius 802.1x Port Authentication 802.1x Port Authentication 802.1xSyntax 802.1x supported required no Syntax 802.1x broadcast-key-refresh-rate rate 802.1x broadcast-key-refresh-rate Syntax 802.1x session-key-refresh-rate rate 802.1x session-key-refresh-rate Syntax Address filter default allowed denied 802.1x session-timeoutAddress filter default Default Syntax Address filter entry mac-addressallowed denied Address filter entry Syntax Address filter delete mac-address Address filter delete Syntax Mac-authentication server local remote Mac-authentication server Syntax Mac-authentication session-timeout seconds Mac-authentication session-timeout Show authentication Filtering Commands Syntax Filter local-bridge no filter local-bridge DefaultFilter local-bridge Filtering Commands Syntax Filter ap-manage no filter ap-manage DefaultFilter ap-manage Filter ethernet-type enable Filter ethernet-type protocol Show filters Interface Commands Interface Commands IC-W Transmit-power Syntax Interface ethernet wireless a g InterfaceDns server This example specifies two domain-name servers Ip address IP address Netmask Ip dhcp Syntax Ip dhcp no ip dhcp Default Setting Syntax Show interface ethernet Syntax Shutdown no shutdown Default SettingShutdown Show interface ethernet Syntax Radio-mode b g b+g Radio-mode Syntax Select-antenna-mode diversity right antenna Select-antenna-mode Syntax Description string no description Syntax Ssid-broadcast no ssid-broadcast Default SettingDescription Ssid-broadcast Syntax Speed speed Speed Syntax Channel channel auto Channel Turbo Ssid Beacon-intervalSyntax Beacon-interval interval Syntax Dtim-period interval Dtim-period Default Setting 2346 Command Mode Fragmentation-lengthSyntax Fragmentation-length length Syntax Rts-threshold threshold Rts-threshold Syntax Authentication open shared Encryption Key index size type value no key index Key Syntax Transmit-key index Transmit-key Transmit-powersignal-strength Transmit-power Syntax Max-association count Max-association Syntax Multicast-cipher AES Tkip WEP Multicast-cipher Syntax Wpa-clients required supported Wpa-clients Enhanced Data Encryption through Tkip Syntax Wpa-mode dynamic pre-shared-key Wpa-mode Syntax Wpa-preshared-key type value Wpa-preshared-key Syntax Wpa-psk-type type Wpa-psk-type Syntax Show interface wireless a g Show interface wireless Ssid SMC Show station Iapp Commands Syntax Iapp no iapp DefaultIapp Vlan Commands Vlan Commands Syntax Vlan enable no vlan Default Command DescriptionVlan Syntax Native-vlanid vlan-id Native-vlanid 102 Appendix a Troubleshooting Troubleshooting Troubleshooting Important Notice Maximum Distance Table Twisted-Pair Cable Assignments Appendix B Cables and Pinouts 10/100BASE-TX Pin Assignments Cables and Pinouts Straight-Through Wiring Crossover WiringTwisted-Pair Cable Assignments Console Port Pin Assignments Wiring Map for Serial Cable Serial Cable Signal Directions for DB-9 Ports Serial Cable Signal Directions for DB-25 PortsConsole Port Pin Assignments Cables and Pinouts General Specifications Specifications General Specifications Ieee 802.11a Sensitivity GHz dBm Modulation/Rates Sensitivity Transmit Power Specifications Advanced Encryption Standard AES Access PointAuthentication Ad Hoc Glossary File Transfer Protocol FTP Extended Service Set ESSExtensible Authentication Protocol EAP Ethernet Ieee Inter Access Point Protocol IappIeee 802.11b Ieee 802.11g Orthogonal Frequency Division Multiplexing Odfm Power over Ethernet PoENetwork Time Protocol NTP Open System Simple Network Management Protocol Snmp Service Set Identifier SsidSession Key Shared Key WPA Pre-shared Key PSK Wi-Fi Protected AccessTrivial File Transfer Protocol Tftp Virtual LAN Vlan Glossary-8 Index Index Index-3 Index-4 Page For Technical SUPPORT, Call