WESM zl Management and Configuration Guide WT.01.28 and greater

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

391

392

393

394

395

396

397

398

399

400

4-59

Wireless Local Area Networks (WLANs)

Configuring a WLAN

b. Enter the preshared key.

As always, you should select a key that conforms to the highest security

standards. The longer the key and the more special characters it contains,

the more secure it is. (The key must be at least 22 characters to withstand a

brute force attack.)

You can enter the key in one of two ways:

– Select ASCII Passphrase, and then enter a password of from 8 to 63

characters. Users must enter the same characters to access the WLAN.

– Select 256-bit key, and then enter the key manually in hexadecimal.

Enter 16 characters in each of the four fields.

5. If you want, check the Broadcast Key Rotation box.

Because all stations must use the same broadcast key, this key is clearly more

vulnerable to hackers than the per-session keys. Periodically changing the

broadcast key helps to protect your WLAN.

By default, the Wireless Edge Services zl Module does not rotate the broadcast

key. However, if you enable the feature, the default rotation period is every 7,200

seconds (two hours).

In the Update broadcast keys every field, you can enter any value from

60 seconds (one minute) through 86,400 seconds (one day). The shorter the

rotation period, the more secure, but also the more overhead added by the key

redistribution.

6. Click the OK button to apply your settings and close the WPA/WPA2 screen.

7. Click the OK button in the WLAN’s Edit screen to apply your settings.

Configuring Encryption for a WLAN that Uses MAC Authentication. A

WLAN that enforces MAC authentication to a network server can also provide

wireless encryption. In this case, a wireless user must pass two tests to connect to the

WLAN: the user’s station must pass MAC authentication, and the user must enter

the correct WEP or WPA/WPA2 key.

This section explains how to add encryption to a WLAN already configured for

RADIUS MAC authentication. See “MAC Authentication” on page 4-43 for instruc-

tions on configuring the authentication.

After selecting MAC Authentication in a WLAN’s Edit screen, you have several

choices for which boxes in the Encryption section to check. Table 4-5 summarizes

these options and refers you to section that explains how to configure the second

security option.