3Com 3CRWE80096A User Guide - Page 35
Setting up Security, Security Settings, RADIUS EAP-MD5 Authentication with Access Point Encryption
UPC - 662705441221
View all 3Com 3CRWE80096A manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 35 highlights
Setting up Security 29 Setting up Security The Encryption page lets you select the type of security to be used on the access point. The page is divided into Security Settings, which determine the type of access authentication, and Access Point Encryption Settings, which determine the type of encryption used if the access point is handling encryption. To maintain wireless association, the encryption settings on clients and all the access points they associate with must match exactly. In addition to providing wireless encryption, access point security can be integrated with upper layer authentication provided by a RADIUS server on the wired LAN using IEEE 802.1x support. Security Settings The following security settings are available on the Encryption page. Security settings that use access point encryption also require you to select from the options available under Access Point Encryption Settings, which are described in "Access Point Encryption Settings". s Access Point Local Authentication/Encryption-Disables upper-layer authentication, so the access point handles both authentication and encryption. It can be used with any of the encryption options described in "Access Point Encryption Settings". s RADIUS EAP-MD5 Authentication with Access Point Encryption-Enables RADIUS authentication using MD5 (username-password) authentication. It can be used with No Security (Open System), 40-bit Encryption Shared Key (Wi-Fi), or 128-bit Encryption Shared Key as described in "Access Point Encryption Settings". s RADIUS Serial Authentication with Dynamic Encryption Key-Enables mutual RADIUS authentication implementation, which allows client and RADIUS to mutually authenticate (EAP-TLS) and perform user authentication (EAP-MD5). You can select either 40-bit or 128-bit Dynamic Encryption. Selecting Auto-Session Key Renew causes the access point and clients to periodically change session keys, greatly enhancing security. RADIUS EAP-TLS Authentication with Dynamic Encryption Key (Windows XP only)-Enables certificate-based mutual RADIUS authentication with 40-bit or 128-bit Dynamic Encryption. This setting is supported for clients running under Windows XP. s Access Point Local MAC Authentication/Encryption-Enables client authentication through a list of MAC addresses stored on the access point. Only clients whose MAC addresses are on the list can associate with the access point. This option can be used with No Security (Open System), 40-bit Encryption Shared Key (Wi-Fi), or 128-bit Encryption Shared Key as described in "Access Point Encryption Settings". For details on how to set up the access list, see "Setting up a MAC Address Access List" on page 31. s RADIUS MAC Authentication with Access Point Encryption-Enables client authentication through a list of MAC addresses stored on a RADIUS server. Only clients whose MAC addresses are on the list can associate with the access point. This option can be used with No Security (Open System), 40-bit Encryption Shared Key (Wi-Fi), or 128-bit Encryption Shared Key as described in "Access Point Encryption Settings". For details on how to create the MAC authentication list on the RADIUS server, see RADIUS documentation.