System Configuration | SMC Networks SMC2555W-AG guide

System Configuration

•MAC Authentication Table: Displays current entries in the local MAC database.

802.1x Setup – IEEE 802.1x is a standard framework for network access control that uses a central RADIUS server for user authentication. This control feature prevents unauthorized access to the network by requiring an 802.1x client application to submit user credentials for authentication. The 802.1x standard uses the Extensible Authentication Protocol (EAP) to pass user credentials (either digital certificates, user names and passwords, or other) from the client to the RADIUS server. Client authentication is then verified on the RADIUS server before the access point grants client access to the network.

The 802.1x EAP packets are also used to pass dynamic unicast session keys and static broadcast keys to wireless clients. Session keys are unique to each client and are used to encrypt and correlate traffic passing between a specific client and the access point. You can also enable broadcast key rotation, so the access point provides a dynamic broadcast key and changes it at a specified interval.

You can enable 802.1x as optionally supported or as required to enhance the security of the wireless network.

•Disable: The access point does not support 802.1x authentication for any wireless client. After successful wireless association with the access point, each client is allowed to access the network.

•Supported: The access point supports 802.1x authentication only for clients initiating the 802.1x authentication process (i.e., the access point does not initiate 802.1x authentication). For clients initiating 802.1x, only those successfully authenticated are allowed to access the network. For those clients not initiating 802.1x, access to the network is allowed after successful wireless association with the access point.

•Required: The access point enforces 802.1x authentication for

5-16

Image 74

SMC Networks SMC2555W-AG manual System Configuration

Contents

SMC2555W-AG Page Revision Number R02, F3.0.02 Copyright Trademarks Limited Warranty Limited Warranty FCC Radiation Exposure Statement Wireless 2.4 Ghz and 5 GHz Band StatementsFederal Communication Commission Interference Statement Industry Canada Class B Japan Vcci Class B Australia/New Zealand AS/NZS EC Conformance Declaration Compliances Operation Using 5 GHz Channels in the European Community Declaration of Conformity in Languages of the European Viii Community Safety Compliance Power Cord Safety Cord set must be UL-approved and CSA certified France et Pérou uniquement Xii Xiii Xiv Table of Contents Command Line Interface Xvi Xvii Xviii Glossary Index Table of Contents Chapter Introduction Package Checklist Introduction Front Panel Hardware DescriptionHardware Description Rear Panel Antennas LED IndicatorsComponent Description Security Slot Ethernet Port Reset ButtonConsole Port Power Connector Features and BenefitsFeatures and Benefits Applications Frequently changing environments System Defaults System Defaults MAC System Defaults Iapp 802.11b/g Introduction Hardware Installation Hardware Installation Attaching the Mounting Bracket Hardware Installation Hardware Installation Network Configuration Network Topologies Network ConfigurationAd Hoc Wireless LAN no AP or Bridge Infrastructure Wireless LAN Network Topologies Infrastructure Wireless LAN for Roaming Wireless PCs Seamless Roaming Network Configuration Initial Setup through the CLI Required Connections Initial Configuration Initial Setup through the CLI Initial Configuration Steps Using the Web-based Management Setup Wizard Using the Web-based Management Setup Wizard Initial Configuration Using the Web-based Management Setup Wizard 802.11g Radio Channel Set the operating radio Using the Web-based Management Setup Wizard Initial Configuration System Configuration Advanced Configuration System Configuration Advanced Configuration System Identification Disabled TCP / IP Settings Advanced Configuration System Configuration SMC-APconfig#interface ethernet Radius Advanced Configuration Authentication fails. Range 1-30 Default SMC-APconfig#radius-server address Authentication Advanced Configuration System Configuration Advanced Configuration Local Allowed Secs Filter Control Number Radius Attribute Value Advanced Configuration Native Vlan AP Management Snmp Advanced Configuration SMC-APconfig#snmp-server host 10.1.19.23 alpha Administration Changing the Password SMC-APconfig#username bob SMC-APconfig#password smcadmin Upgrading Firmware System Configuration Advanced Configuration File Size System Log Enabling System Logging Error Level Description Configuring Sntp System Configuration Show sntp command TAIPEI, Beijing Radio Interface Radio Settings 802.11a Radio Interface Normal Mode Turbo Mode Radio Interface Enter Wireless configuration commands, one per line Enabled Radio Settings 802.11g Radio Interface SMC-APif-wireless g#select-antenna-mode right antenna Ssid Security WEP Wired Equivalent Privacy WEP Radio Interface WEP only WEP over Show interface wireless g command PRE Shared KEY Wi-Fi Protected Access WPA System Configuration Radio Interface System Configuration WPA pre-shared key only WPA over Show interface wireless a or show interface wireless g Command not shown in example Status Information Access Point StatusStatus Information System Configuration Days, 4 hours, 39 minutes Station Status True Event Logs 192.168.1.19 System Configuration Console Connection Using the Command Line InterfaceAccessing the CLI Command Line Interface Telnet Connection Keywords and Arguments Entering CommandsEntering Commands Showing Commands Command CompletionGetting Help on Commands Minimum Abbreviation Partial Keyword Lookup Understanding Command Modes Negating the Effect of CommandsUsing Command History Exec Commands Configuration Commands Command Line Processing Keystroke Function Entering Commands Command Groups Command Description Group Configure General CommandsGeneral Commands End Exit Syntax Command UsagePing Show history ResetSyntax Reset board configuration Console port settings are fixed at the values shown below Show line System Management Commands Command Function Mode System Management Commands System Clock Country Country countrycode SMC-AP#country ie Syntax Prompt string no prompt PromptSystem name Syntax System name name no system name Username Syntax Username name Ip http port PasswordSyntax Password password no password Syntax Ip http port port-numberno ip http port Syntax Ip http server no ip http server Default Setting Ip http server Logging host Syntax Logging on no logging on Default SettingLogging on Syntax Logging console no logging console Default Setting Logging console Logging level Level Argument Description Logging facility-type Default Setting Command ModeSyntax Show logging Command Mode Show logging Sntp-server ip Syntax Sntp-server ip 1 2 ip Sntp-server enable Sntp-server date-time This example sets the system clock to 1737 June 19 Sntp-server daylight-saving Syntax Sntp-server timezone hours Sntp-server timezoneShow sntp Show system Show version Snmp-server community Snmp CommandsSnmp Commands Snmp-server contact Syntax Snmp-server contact string no snmp-server contact Snmp-server enable server Snmp-server host No snmp-server host Snmp-server location Syntax Snmp-server location text no snmp-server location Flash/File Commands Show snmp Syntax Bootfile filename Flash/File CommandsBootfile Syntax Copy ftp tftp file copy config ftp tftp Copy Delete Dir File information is shown below Radius Client Radius Client Syntax Radius-server secondary port portnumber Radius-server addressRadius-server port Syntax Radius-server secondary key keystring Radius-server keyRadius-server retransmit Syntax Radius-server secondary retransmit numberofretries Radius-server timeout Syntax Radius-server secondary timeout numberofseconds Show radius 802.1x Port Authentication Syntax 802.1x supported required no 802.1x Port Authentication802.1x 802.1x broadcast-key-refresh-rate Syntax 802.1x broadcast-key-refresh-rate rate 802.1x session-key-refresh-rate Syntax 802.1x session-key-refresh-rate rate Default 802.1x session-timeoutAddress filter default Syntax Address filter default allowed denied Address filter entry Syntax Address filter entry mac-addressallowed denied Address filter delete Syntax Address filter delete mac-address Mac-authentication server Syntax Mac-authentication server local remote Mac-authentication session-timeout Syntax Mac-authentication session-timeout seconds Show authentication Filter local-bridge Filtering CommandsSyntax Filter local-bridge no filter local-bridge Default Filter ap-manage Filtering CommandsSyntax Filter ap-manage no filter ap-manage Default Filter ethernet-type enable Filter ethernet-type protocol Interface Commands Show filters Interface Commands IC-W Transmit-power Dns server Syntax Interface ethernet wireless a gInterface Ip address This example specifies two domain-name servers IP address Netmask Syntax Ip dhcp no ip dhcp Default Setting Ip dhcp Show interface ethernet Syntax Shutdown no shutdown Default SettingShutdown Syntax Show interface ethernet Radio-mode Syntax Radio-mode b g b+g Select-antenna-mode Syntax Select-antenna-mode diversity right antenna Ssid-broadcast Syntax Ssid-broadcast no ssid-broadcast Default SettingDescription Syntax Description string no description Speed Syntax Speed speed Channel Syntax Channel channel auto Turbo Syntax Beacon-interval interval SsidBeacon-interval Dtim-period Syntax Dtim-period interval Syntax Fragmentation-length length Default Setting 2346 Command ModeFragmentation-length Rts-threshold Syntax Rts-threshold threshold Syntax Authentication open shared Encryption Key Key index size type value no key index Transmit-key Syntax Transmit-key index Transmit-power Transmit-powersignal-strength Max-association Syntax Max-association count Multicast-cipher Syntax Multicast-cipher AES Tkip WEP Wpa-clients Syntax Wpa-clients required supported Enhanced Data Encryption through Tkip Wpa-mode Syntax Wpa-mode dynamic pre-shared-key Wpa-preshared-key Syntax Wpa-preshared-key type value Wpa-psk-type Syntax Wpa-psk-type type Show interface wireless Syntax Show interface wireless a g Ssid SMC Show station Iapp Iapp CommandsSyntax Iapp no iapp Default Vlan Commands Vlan Commands Vlan Syntax Vlan enable no vlan DefaultCommand Description Native-vlanid Syntax Native-vlanid vlan-id 102 Appendix a Troubleshooting Troubleshooting Troubleshooting Maximum Distance Table Important Notice Appendix B Cables and Pinouts Twisted-Pair Cable Assignments Cables and Pinouts 10/100BASE-TX Pin Assignments Twisted-Pair Cable Assignments Straight-Through WiringCrossover Wiring Wiring Map for Serial Cable Console Port Pin Assignments Console Port Pin Assignments Serial Cable Signal Directions for DB-9 PortsSerial Cable Signal Directions for DB-25 Ports Cables and Pinouts General Specifications Specifications General Specifications Sensitivity Ieee 802.11a Sensitivity GHz dBm Modulation/Rates Transmit Power Specifications Ad Hoc Access PointAuthentication Advanced Encryption Standard AES Glossary Ethernet Extended Service Set ESSExtensible Authentication Protocol EAP File Transfer Protocol FTP Ieee 802.11g Inter Access Point Protocol IappIeee 802.11b Ieee Open System Power over Ethernet PoENetwork Time Protocol NTP Orthogonal Frequency Division Multiplexing Odfm Shared Key Service Set Identifier SsidSession Key Simple Network Management Protocol Snmp Virtual LAN Vlan Wi-Fi Protected AccessTrivial File Transfer Protocol Tftp WPA Pre-shared Key PSK Glossary-8 Index Index Index-3 Index-4 Page For Technical SUPPORT, Call