Manualshelf

User's Manual

ManualsBrandsTranzeo Wireless Technologies ManualsElectronicsWIRELESS MESH ROUTER
919293949596979899100
Chapter 12: Virtual Access Point (VAP) Configuration
TR0153 Rev. E1 94
CLI
The example below shows how to enable WPA-PSK mode for wlan1. The ‘wpa.key_mgmt
parameter must also be set to indicate that PSK mode is being used, as shown below.
> use wlan1
wlan1> set wpa.enable=yes
wlan1> set wpa.key_mgmt=”WPA-PSK”
wlan1> set wpa.passphrase=long_passphrases_improve_encryption_effectiveness
Web GUI
WPA-PSK can be enabled and the pre-shared key can be set via the web interface using the
“WPA/WEP” sub-tab under the “AAA” tab on the “System Parameters” page (see Figure 45).
Select “WPA-PSK” as the type of encryption/authentication from the drop-down menu for the
VAP you wish to configure and enter the WPA-PSK key in the text box below the drop-down
menu. In the example in Figure 45, ‘wlan2’ has been configured to use WPA-PSK.
12.9.3 WPA EAP Mode
In WPA-EAP mode, a client device is authenticated using an 802.1x authentication server,
which is typically a RADIUS server.
The supported EAP modes are:
TLS (X509v3 server & client certificates)
PEAP-TLS (X509v3 server & client certificates)
TTLS (X509v3 server certificate)
PEAP-MSCHAPv2 (X509v3 server certificate)
The following information must be provided about the RADIUS server:
address – the IP address of the 802.1x server that will be used for authentication
port – the port that the authentication server is listening on (UDP port 1812 by default)
secret the shared secret for the authentication server. The secret must be a string that is
no longer than 32 characters in length.
See section 19.5 for instructions on how to test the RADIUS configuration and a specific set of
credentials.
CLI
To configure the EnRoute500 to support 802.1x authentication, the following parameters in a
‘wlanN’ interface must be set: