User's Manual
Table Of Contents
- Warranty and Product Registration
- How to Use This Guide
- Contents
- Figures
- Tables
- Getting Started
- Web Configuration
- Command Line Interface
- Using the Command Line Interface
- General Commands
- System Management Commands
- country
- prompt
- system name
- system-resource
- password
- reboot-schedule
- apmgmgtui ssh enable
- apmgmtui ssh port
- apmgmtui telnet- server enable
- apmgmtui http port
- apmgmtui http server
- apmgmtui http session-timeout
- apmgmtui https port
- apmgmtui https server
- apmgmtui snmp
- apmgmtip
- show apmanagement
- show system
- show system resource
- show version
- show config
- System Logging Commands
- System Clock Commands
- DHCP Relay Commands
- SNMP Commands
- snmp-server community
- snmp-server contact
- snmp-server location
- snmp-server enable server
- snmp-server host
- snmp-server trap
- snmp-server vacm view
- snmp-server vacm group
- snmp-server user
- snmp-server target
- snmp-server filter
- show snmp users
- show snmp target
- show snmp filter
- show snmp
- show snmp vacm view
- show snmp vacm group
- Flash/File Commands
- RADIUS Client Commands
- 802.1X Authentication Commands
- MAC Address Authentication Commands
- Filtering Commands
- Spanning Tree Commands
- bridge stp service
- bridge stp br-conf forwarding-delay
- bridge stp br-conf hello-time
- bridge stp br-conf max-age
- bridge stp br-conf priority
- bridge stp port-conf interface
- bridge-link path-cost
- bridge-link port- priority
- vap (STP Interface)
- path-cost (STP Interface)
- port-priority (STP Interface)
- bridge mac-aging
- show bridge stp
- show bridge br-conf
- show bridge port-conf interface
- show bridge status
- show bridge forward address
- show bridge mac- aging
- WDS Bridge Commands
- Ethernet Interface Commands
- Wireless Interface Commands
- interface wireless
- vap
- a-mpdu
- a-msdu
- channel
- transmit-power
- min-allowed-rate
- disable-coexist
- make-rf-setting- effective
- preamble
- short-guard-interval
- beacon-interval
- dtim-period
- rts-threshold
- ssid
- closed-system
- max-client
- max-association
- client-assoc-preempt
- assoc-timeout- interval
- auth-timeout-interval
- multicast-enhance
- shutdown (VAP)
- interfere-chan- recover
- antenna-chain
- long-distance
- long-distance reference-data
- long-distance slottime
- long-distance acktimeout
- long-distance ctstimeout
- bandwidth-control downlink
- bandwidth-control downlink rate
- bandwidth-control uplink
- bandwidth-control uplink rate
- show interface wireless
- show station
- show station statistics
- Wireless Security Commands
- Rogue AP Detection Commands
- Link Integrity Commands
- Link Layer Discovery Commands
- VLAN Commands
- WMM Commands
- QoS Commands
- Appendices
- Index of CLI Commands
- Index
Chapter 6
| Wireless Settings
Virtual Access Points (VAPs)
– 80 –
◆ 802.1X — The access point supports 802.1X authentication only for clients
initiating the 802.1X authentication process (i.e., the access point does not
initiate 802.1X authentication). For clients initiating 802.1X, only those
successfully authenticated are allowed to access the network. For those clients
not initiating 802.1X, access to the network is allowed after successful wireless
association with the access point. The 802.1X mode allows access for clients not
using WPA or WPA2 security.
◆ Pre-Authentication — When using WPA2 over 802.1X, pre-authentication can
be enabled, which allows clients to roam to a new access point and be quickly
associated without performing full 802.1X authentication. (Default: Disabled)
◆ 802.1x Reauthentication Time — The time period after which a connected
client must be re-authenticated. During the re-authentication process of
verifying the client’s credentials on the RADIUS server, the client remains
connected the network. Only if re-authentication fails is network access
blocked. (Range: 0-65535 seconds; Default: 0 means disabled)
Wired Equivalent
Privacy (WEP)
WEP provides a basic level of security, preventing unauthorized access to the
network, and encrypting data transmitted between wireless clients and the VAP.
WEP uses static shared keys (fixed-length hexadecimal or alphanumeric strings)
that are manually distributed to all clients that want to use the network.
WEP is the security protocol initially specified in the IEEE 802.11 standard for
wireless communications. Unfortunately, WEP has been found to be seriously
flawed and cannot be recommended for a high level of network security. For more
robust wireless security, the access point provides Wi-Fi Protected Access (WPA)
and WPA2 for improved data encryption and user authentication.
Setting up shared keys enables the basic IEEE 802.11 Wired Equivalent Privacy
(WEP) on the access point to prevent unauthorized access to the network.
If you choose to use WEP shared keys instead of an open system, be sure to define
at least one static WEP key for user authentication and data encryption. Also, be
sure that the WEP shared keys are the same for each client in the wireless network.
All clients share the same keys, which are used for user authentication and data
encryption. Up to four keys can be specified.