Home » 3Com Manuals » Wireless » 3Com 8760 » Manual Viewer

3Com 8760 User Guide - Page 234

If a WPA/WPA2 Pre-shared Key mode is selected WPA-PSK, WPA2-PSK or

UPC - 662705506531

Add to My Manuals
Save this manual to your list of manuals

Page 234 highlights

CHAPTER 5: COMMAND LINE INTERFACE • To use WEP shared-key authentication, set the authentication type to "shared-key" and define at least one static WEP key with the key command. Encryption is automatically enabled by the command. • To use WEP encryption only (no authentication), set the authentication type to "open-system." Then enable WEP with the encryption command, and define at least one static WEP key with the key command. • When any WPA or WPA2 option is selected, clients are authenticated using 802.1X via a RADIUS server. Each client must be WPA-enabled or support 802.1X client software. The 802.1X settings (see "802.1X Authentication" on page 5-70) and RADIUS server details (see "RADIUS Client" on page 5-64) must be configured on the access point. A RADIUS server must also be configured and be available in the wired network. • If a WPA/WPA2 mode that operates over 802.1X is selected (WPA, WPA2, WPA-WPA2-mixed, or WPA-WPA2-PSK-mixed), the 802.1X settings (see "802.1X Authentication" on page 5-70) and RADIUS server details (see "RADIUS Client" on page 5-64) must be configured. Be sure you have also configured a RADIUS server on the network before enabling authentication. Also, note that each client has to be WPA-enabled or support 802.1X client software. A RADIUS server must also be configured and be available in the wired network. • If a WPA/WPA2 Pre-shared Key mode is selected (WPA-PSK, WPA2-PSK or WPA-WPA2-PSK-mixed), the key must first be generated and distributed to all wireless clients before they can successfully associate with the access point. Use the wpa-preshared-key command to configure the key (see "key" on page 5-134 and "transmit-key" on page 5-135). • WPA2 defines a transitional mode of operation for networks moving from WPA security to WPA2. WPA2 Mixed Mode allows both WPA and WPA2 clients to associate to a common VAP interface. When the encryption cipher suite is set to TKIP, the unicast encryption cipher (TKIP or AES-CCMP) is negotiated for each client. The access point advertises it's supported encryption ciphers in beacon frames and probe responses. WPA and WPA2 clients select the cipher they support and return the choice in the association request to the access point. For mixed-mode operation, the cipher used for broadcast frames is always TKIP. WEP encryption is not allowed. • The "required" option places the VAP into TKIP only mode. The "supported" option places the VAP into TKIP+AES+WEP mode. The "required" mode is used in WPA-only environments. • The "supported" mode can be used for mixed environments with legacy WPA products, specifically WEP. (For example, WPA+WEP. The WPA2+WEP environment is not available because WPA2 does not support 5-132

Section	Page
3Com Wireless 8760 Dual-radio 11a/b/g PoE Access Point	1
Contents	3
Introduction	9
Product Features	10
Security	10
Performance and Reliability	11
Virtual Access Point (VAP) Support	11
WDS Bridging and Spanning Tree Protocol (STP) Support	11
Manageability	12
Wireless Network Standards	12
802.11g	12
802.11a	13
Approved Channels	13
Installing the Access Point	15
Installation Requirements	15
Power Requirements	16
Safety Information	16
Deciding Where to Place Equipment and Performing A Site Survey	17
Before You Begin	18
Connecting the Standard Antennas	19
Connecting Power	20
Using the Power Supply	22
Using a Power-Over-Ethernet LAN Port	22
Checking the LEDs	23
Reset Button	23
Wall, Ceiling, or Electrical Box Mounting	24
Flat Surface Installation	26
Selecting and Connecting a Different Antenna Model	26
Installing Software Utilities	28
Initial Configuration	29
Networks with a DHCP Server	29
Networks without a DHCP Server	29
Using the 3Com Installation CD	30
Launch the 3COM Wireless Infrastructure Device Manager (Widman) utility	30
Launching the 3com Wireless Interface Device Manager	30
First Time Only	32
Using the Setup Wizard	32
System Configuration	41
Advanced Setup	42
System Identification	44
TCP / IP Settings	45
RADIUS	48
Authentication	49
Filter Control	54
VLAN	56
SNMP	58
Configuring SNMP and Trap Message Parameters	58
Configuring SNMPv3 Users	61
Administration	62
Changing the Password	62
Telnet and SSH Settings	63
Upgrading Firmware	64
WDS and Spanning Tree Settings	67
System Log	73
Enabling System Logging	73
Configuring SNTP	74
Radio Interface	75
802.11a Interface	76
Configuring Radio Settings	76
Configuring Common Radio Settings	78
802.11b/g Interface	82
Configuring Wi-Fi Multimedia	84
Security	89
Wired Equivalent Privacy (WEP)	92
Wi-Fi Protected Access (WPA)	96
Status Information	99
Access Point Status	99
Station Status	100
Event Logs	101
Command Line Interface	103
Using the Command Line Interface	103
Accessing the CLI	103
Console Connection	103
Telnet Connection	104
Entering Commands	105
Keywords and Arguments	105
Minimum Abbreviation	105
Command Completion	105
Getting Help on Commands	105
Showing Commands	106
Partial Keyword Lookup	106
Negating the Effect of Commands	107
Using Command History	107
Understanding Command Modes	107
Exec Commands	107
Configuration Commands	108
Command Line Processing	108
Command Groups	109
General Commands	110
configure	110
end	111
exit	112
ping	112
reset	113
show history	114
show line	114
System Management Commands	115
country	116
prompt	117
system name	118
username	118
password	119
ip ssh-server enable	119
ip ssh-server port	120
ip telnet-server enable	120
ip http port	121
ip http server	121
ip https port	122
ip https server	123
web-redirect	124
APmgmtIP	125
APmgmtUI	126
show apmanagement	127
show system	128
show version	129
show config	129
show hardware	134
System Logging Commands	134
logging on	135
logging host	135
logging console	136
logging level	136
logging facility-type	137
logging clear	138
show logging	138
show event-log	139
System Clock Commands	139
sntp-server ip	140
sntp-server enable	140
sntp-server date-time	141
sntp-server daylight-saving	142
sntp-server timezone	142
show sntp	143
DHCP Relay Commands	144
dhcp-relay enable	144
dhcp-relay	145
show dhcp-relay	145
SNMP Commands	146
snmp-server community	147
snmp-server contact	147
snmp-server location	148
snmp-server enable server	149
snmp-server host	149
snmp-server trap	150
snmp-server engine-id	152
snmp-server user	153
snmp-server targets	154
snmp-server filter	155
snmp-server filter-assignments	156
show snmp groups	157
show snmp users	158
show snmp group-assignments	158
show snmp target	159
show snmp filter	159
show snmp filter-assignments	160
show snmp	161
Flash/File Commands	162
bootfile	162
copy	163
delete	164
dir	165
show bootfile	166
RADIUS Client	166
radius-server address	167
radius-server port	167
radius-server key	168
radius-server retransmit	168
radius-server timeout	169
radius-server port-accounting	169
radius-server timeout-interim	170
radius-server radius-mac-format	170
radius-server vlan-format	171
show radius	171
802.1X Authentication	172
802.1x	173
802.1x broadcast-key-refresh-rate	174
802.1x session-key-refresh-rate	175
802.1x session-timeout	175
802.1x-supplicant enable	176
802.1x-supplicant user	176
show authentication	177
MAC Address Authentication	178
address filter default	178
address filter entry	179
address filter delete	180
mac-authentication server	180
mac-authentication session-timeout	181
Filtering Commands	181
filter local-bridge	182
filter ap-manage	183
filter uplink enable	183
filter uplink	183
filter ethernet-type enable	184
filter ethernet-type protocol	185
show filters	185
WDS Bridge Commands	186
bridge role (WDS)	187
bridge-link parent	188
bridge-link child	188
bridge dynamic-entry age-time	189
show bridge aging-time	190
show bridge filter-entry	191
show bridge link	192
Spanning Tree Commands	193
bridge stp enable	194
bridge stp forwarding-delay	194
bridge stp hello-time	195
bridge stp max-age	196
bridge stp priority	196
bridge-link path-cost	197
bridge-link port-priority	198
show bridge stp	198
Ethernet Interface Commands	199
interface ethernet	200
dns server	200
ip address	201
ip dhcp	202
speed-duplex	203
shutdown	203
show interface ethernet	204
Wireless Interface Commands	205
interface wireless	206
vap	207
speed	207
turbo	208
multicast-data-rate	209
channel	210
transmit-power	211
radio-mode	211
preamble	212
antenna control	213
antenna id	214
antenna location	214
beacon-interval	215
dtim-period	216
fragmentation-length	217
rts-threshold	217
super-a	218
super-g	219
description	219
ssid	220
closed-system	220
max-association	221
assoc-timeout-interval	221
auth-timeout-value	222
shutdown	222
show interface wireless	223
show station	227
Rogue AP Detection Commands	227
rogue-ap enable	228
rogue-ap authenticate	229
rogue-ap duration	230
rogue-ap interval	230
rogue-ap scan	231
show rogue-ap	232
Wireless Security Commands	232
auth	233
encryption	235
key	236
transmit-key	237
cipher-suite	238
mic_mode	239
wpa-pre-shared-key	240
pmksa-lifetime	241
pre-authentication	241
Link Integrity Commands	243
link-integrity ping-detect	243
link-integrity ping-host	244
link-integrity ping-interval	244
link-integrity ping-fail-retry	245
link-integrity ethernet-detect	245
show link-integrity	246
IAPP Commands	246
iapp	246
VLAN Commands	247
vlan	248
management-vlanid	248
vlan-id	249
WMM Commands	250
wmm	250
wmm-acknowledge-policy	251
wmmparam	252
Troubleshooting	255

Match case Limit results 1 per page

5-132

HAPTER

5: C

OMMAND

INE

NTERFACE

• To use WEP shared-key authentication, set the authentication type to

“shared-key” and define at least one static WEP key with the

key

command. Encryption is automatically enabled by the command.

• To use WEP encryption only (no authentication), set the authentication

type to “open-system.” Then enable WEP with the

encryption

command,

and define at least one static WEP key with the

key

command.

• When any WPA or WPA2 option is selected, clients are authenticated

using 802.1X via a RADIUS server. Each client must be WPA-enabled or

support 802.1X client software. The 802.1X settings (see “802.1X

Authentication” on page 5-70) and RADIUS server details (see “RADIUS

Client” on page 5-64) must be configured on the access point. A RADIUS

server must also be configured and be available in the wired network.

•

If a WPA/WPA2 mode that operates over 802.1X is selected (WPA, WPA2,

WPA-WPA2-mixed, or WPA-WPA2-PSK-mixed), the 802.1X settings (see

“802.1X Authentication” on page 5-70) and RADIUS server details (see

“RADIUS Client” on page 5-64) must be configured. Be sure you have also

configured a RADIUS server on the network before enabling

authentication. Also, note that each client has to be WPA-enabled or

support 802.1X client software. A RADIUS server must also be configured

and be available in the wired network.

•

If a WPA/WPA2 Pre-shared Key mode is selected (WPA-PSK, WPA2-PSK or

WPA-WPA2-PSK-mixed), the key must first be generated and distributed

to all wireless clients before they can successfully associate with the access

point. Use the wpa-preshared-key command to configure the key (see

“key” on page 5-134 and “transmit-key” on page 5-135).

•

WPA2 defines a transitional mode of operation for networks moving from

WPA security to WPA2. WPA2 Mixed Mode allows both WPA and WPA2

clients to associate to a common VAP interface. When the encryption

cipher suite is set to TKIP, the unicast encryption cipher (TKIP or

AES-CCMP) is negotiated for each client. The access point advertises it’s

supported encryption ciphers in beacon frames and probe responses. WPA

and WPA2 clients select the cipher they support and return the choice in

the association request to the access point. For mixed-mode operation, the

cipher used for broadcast frames is always TKIP. WEP encryption is not

allowed.

• The “required” option places the VAP into TKIP only mode. The

“supported” option places the VAP into TKIP+AES+WEP mode. The

“required” mode is used in WPA-only environments.

• The “supported” mode can be used for mixed environments with legacy

WPA products, specifically WEP. (For example, WPA+WEP. The

WPA2+WEP environment is not available because WPA2 does not support