3Com 3CRWE870075A User Guide - Page 30

Authentication

Get 3Com 3CRWE870075A - Wireless LAN Access Point 8700 PDF manuals and user guides
UPC - 662705467955
View all 3Com 3CRWE870075A manuals
Add to My Manuals
Save this manual to your list of manuals

Page 30 highlights

AUTHENTICATION The Authentication page allows you to configure the type of upper-layer authentication the access point uses for wireless clients. Access is checked against the authentication database stored on the access point. This level of authentication occurs before any 802.1x authentication configured on the Security page. Configure the options as described below. When you are finished, click Apply. I MAC Authentication-Selecting MAC authentication allows you to define access permission and precedence. Options are: Local MAC. With this option, the MAC address of the associating station is compared against the local access control list. You must build this list (called the MAC Authentication Table) as described in Local MAC Authentication below. RADIUS MAC. With this option, the MAC address of the associating station is sent to the configured RADIUS server for validation. You must specify the authentication sequence and the corresponding parameters for the remote authentication protocol. See "RADIUS" on page 29 and "802.11x Setup" below. Disable. No checks are performed on an incoming client. I 802.1x Setup-802.1x is designed to enhance the security management of the wireless network. Select one of the following options: Disable. The access point will neither initiate nor respond to any 802.1x authentication requests to or from wireless clients. Supported. Legacy clients (non 802.1x) and 802.1x clients are both supported. This is provided for ease of migration. Required. Clients authenticate to a RADIUS server via the access point. Clients are not allowed onto the wired LAN until authentication is successful. When 802.1x is enabled, the broadcast and session key rotation intervals can also be configured. Set these values to force the periodic refresh of broadcast or session keys for each 802.1x client. First set up the RADIUS MAC authentication for the client on the RADIUS server. (See "RADIUS" on page 29.) Select Supported or Required on the 802.1x Setup field. Enter data as described in the following table. Field Default Broadcast Key Refresh Rate 0 (minutes) Description Defines how long the RADIUS server will refresh the primary broadcast key. 30

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
30
A
UTHENTICATION
The Authentication page allows you to configure the type of upper-layer
authentication the access point uses for wireless clients. Access is checked against
the authentication database stored on the access point.
This level of authentication occurs before any 802.1x authentication configured
on the Security page.
Configure the options as described below. When you are finished, click
Apply.
MAC Authentication
—Selecting MAC authentication allows you to define
access permission and precedence. Options are:
Local MAC.
With this option, the MAC address of the associating station is
compared against the local access control list.
You must build this list (called
the MAC Authentication Table) as described in Local MAC Authentication
below.
RADIUS MAC.
With this option, the MAC address of the associating station
is sent to the configured RADIUS server for validation.
You must specify the
authentication sequence and the corresponding parameters for the remote
authentication protocol. See “RADIUS” on page 29 and “802.11x
Setup” below.
Disable.
No checks are performed on an incoming client.
802.1x Setup
—802.1x is designed to enhance the security management of
the wireless network.
Select one of the following options:
Disable.
The access point will neither initiate nor respond to any 802.1x
authentication requests to or from wireless clients.
Supported.
Legacy clients (non 802.1x) and 802.1x clients are both
supported.
This is provided for ease of migration.
Required.
Clients authenticate to a RADIUS server via the access point.
Clients are not allowed onto the wired LAN until authentication is successful.
When 802.1x is enabled, the broadcast and session key rotation intervals can
also be configured.
Set these values to force the periodic refresh of broadcast
or session keys for each 802.1x client.
First set up the RADIUS MAC authentication for the client on the RADIUS
server. (See “RADIUS” on page 29.) Select Supported or Required on the
802.1x Setup field. Enter data as described in the following table.
Field
Default
Description
Broadcast Key Refresh Rate
0
(minutes)
Defines how long the RADIUS server will
refresh the primary broadcast key.