User Guide

ManualsBrandsNETGEAR ManualsOtherWFS709TP-100NAS

121

122

123

124

125

126

127

128

129

130

Table Of Contents

WFS709TP ProSafe Smart Wireless Switch Software Administration Manual
Contents
About This Manual
- Conventions, Formats, and Scope
- How to Use This Manual
- How to Print this Manual
- Revision History
Chapter 1 Overview of the WFS709TP
- WFS709TP System Components
- Basic WLAN Configuration
- Wireless Client Access to the WLAN
- Configuring and Managing the WFS709TP
  - Tools
Chapter 2 Deploying a Basic WFS709TP System
- Configuration Overview
- Configuring the WFS709TP
- Deploying APs
- Additional Configuration
Chapter 3 Configuring Network Parameters
- Configuring VLANs
  - Assigning a Static Address to a VLAN
  - Configuring a VLAN to Receive a Dynamic Address
- Configuring Static Routes
- Configuring the Loopback IP Address
Chapter 4 RF Plan
- RF Plan Overview
- Before You Begin
  - Task Overview
  - Planning Requirements
- Using RF Plan
- RF Plan Example
Chapter 5 Configuring WLANS
- Before You Begin
  - Determine the Authentication Method
  - Determine the Default VLAN
- Basic WLAN Configuration in the Browser Interface
  - Example Configuration
- Advanced WLAN Configuration in the Browser Interface
- IntelliFi RF Management
Chapter 6 Configuring AAA Servers
- Configuring an External RADIUS Server
- Adding Users to the Internal Database
- Configuring Authentication Timers
Chapter 7 Configuring 802.1x Authentication
- 802.1x Authentication
  - Authentication with a RADIUS Server
  - Authentication Terminated on WFS709TP
- Configuring 802.1x Authentication
  - 802.1x Authentication Page
- Advanced Configuration Options for 802.1x
Chapter 8 Configuring the Captive Portal
- Overview of Captive Portal Functions
- Configuring Captive Portal
- Configuring Advanced Captive Portal Options
- Configuring the AAA Server for Captive Portal
  - Changing the Protocol to HTTP
- Personalizing the Captive Portal Page
Chapter 9 Configuring MAC-Based Authentication
- Configuring the WFS709TP
- Configuring Users
Chapter 10 Adding Local WFS709TPs
- Moving to a Multi-Switch Environment
- Configuring Local WFS709TPs
Chapter 11 Configuring Redundancy
- Virtual Router Redundancy Protocol
- Redundancy Configuration
Chapter 12 Configuring Wireless Intrusion Protection
- Rogue/Interfering AP Detection
- Misconfigured AP Detection
  - Configuring Misconfigured AP Protection
Chapter 13 Configuring Management Utilities
- Configuring Management Users
- Configuring SNMP
- Creating Guest Accounts
- Managing Files on the WFS709TP
- Installing a Server Certificate
Chapter 14 Configuring WFS709TP for Voice
- Voice over IP Proxy ARP
- Battery Boost
- Limiting the Number of Active Voice Calls
- WPA Fast Handover
Appendix A Configuring DHCP with Vendor-Specific Options
- Overview
- Windows-Based DHCP Servers
  - Configuring Option 60
  - Configuring Option 43
- Linux DHCP Servers
Appendix B Windows Client Example Configuration for 802.1x
- Window XP Wireless Client Example Configuration
Appendix C Internal Captive Portal
- Creating a New Internal Web Page
  - Basic HTML Example
- Installing a New Captive Portal Page
- Displaying Authentication Error Message
- Language Customization
- Customizing the Welcome Page
- Customizing the Pop-Up Box
- Customizing the Logged Out Box
Appendix D Related Documents
Index

WFS709TP ProSafe Smart Wireless Switch Software Administration Manual

7-6 Configuring 802.1x Authentication

v1.0, June 2007

* For Windows environments only

Advanced Configuration Options for 802.1x

This section describes the Advanced Configuration options for 802.1x authentication (Figure 7-4).

The Advanced Configuration settings should not be modified unless there is a need to customize at

a more detailed level.

In the browser interface, access the Advanced options by clicking the Show tab on the right of the

Advanced Configuration option on the 802.1x configuration page.

Enable Opportunistic Key

Caching (WPA2)

Enables the same pairwise master key (PMK) derived with a

client and an associated AP to be used when the client roams

to a new AP. This allows users faster roaming without having

to reauthenticate.

Make sure that the wireless client (the 802.1x supplicant)

supports this feature before you enable this option. If the client

does not support this feature, the client will attempt to

renegotiate the key whenever it roams to a new AP. As a

result, the key cached on the WFS709TP can be out of sync

with the key used by the client.

Disabled

Enforce Machine

Authentication *

Select this option to enforce machine authentication before

user authentication.

Disabled

Table 7-1. 802.1x Authentication Browser Interface Page Options (continued)

Parameter Description Default