Cisco WAP200 Administration Guide - Page 34

Key source, RADIUS profile, Accounting, Mandatory authentication, Station ID delimiter, Station ID - support

Get Cisco WAP200 - Small Business Wireless-G Access Point PDF manuals and user guides
UPC - 745883574452
View all Cisco WAP200 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 34 highlights

Chapter 2 How it works Chapter 2 Key source This option determines how the TKIP keys are generated. • RADIUS: The WAP-200 obtains the MPPE key from the RADIUS server. This is a dynamic key that changes each time the user logs in and is authenticated. The MPPE key is used to generate the TKIP keys that encrypt the wireless data stream. Select the appropriate RADIUS server. • Preshared Key: The WAP-200 uses the key you specify in the Key field to generate the TKIP keys that encrypt the wireless data stream. Since this is a static key, it is not as secure as the RADIUS option. Specify a key that is between 8 and 64 ASCII characters in length. It is recommended that the preshared key be at least 20 characters long, and be a mix of letters and numbers. RADIUS profile Select the RADIUS profile the WAP-200 will use to validate user logins. Select Access Controller to forward authentications traffic to a Colubris Networks access controller. Accounting Enable this option to have the WAP-200 generate a RADIUS accounting request ON/ OFF for each user authentication. The WAP-200 respects the RADIUS interim-updateinterval attribute if present inside the RADIUS access accept of the authentication. Mandatory authentication Requires that all wireless client stations authenticate. Station ID delimiter Select the one-character delimiter that will be used to format both the calling station ID and the called station ID attributes in RADIUS packets. By default, the IEEE standard is used, which is a dash. Station ID MAC case Select the case applied to the station delimiter if it is a letter. 802.1x This option enables support for users with 802.1x client software. The WAP-200 supports 802.1x client software that uses EAP-TLS, EAP-TTLS, EAP-SIM, and PEAP. Note: Colubris Networks recommends that you do not use 802.1x unless you enable WEP encryption. RADIUS profile Select the RADIUS profile the WAP-200 will use to validate user logins. Select Access Controller to forward authentications traffic to a Colubris Networks access controller. WEP encryption Enable the use of dynamic WEP keys for all 802.1x sessions. Dynamic key rotation occurs on key 1, which is the broadcast key. Key 0 is the pair-wise key. It is automatically generated by the WAP-200. Key length and key change interval are set in the Dynamic keys box. Accounting Enable this option to have the WAP-200 generate a RADIUS accounting request ON/ OFF for each user authentication. The WAP-200 respects the RADIUS interim-updateinterval attribute if present inside the RADIUS access accept of the authentication. Mandatory authentication Requires that all wireless client stations authenticate. Station ID delimiter Select the one-character delimiter that will be used to format both the calling station ID and the called station ID attributes in RADIUS packets. By default, the IEEE standard is used, which is a dash. 34

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
Chapter 2
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - How it works - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Chapter 2
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 34 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Key source
This option determines how the TKIP keys are generated.
RADIUS: The WAP-200 obtains the MPPE key from the RADIUS server. This is a
dynamic key that changes each time the user logs in and is authenticated. The MPPE
key is used to generate the TKIP keys that encrypt the wireless data stream. Select
the appropriate RADIUS server.
Preshared Key: The WAP-200 uses the key you specify in the
Key
field to generate
the TKIP keys that encrypt the wireless data stream. Since this is a static key, it is not
as secure as the RADIUS option. Specify a key that is between 8 and 64 ASCII
characters in length. It is recommended that the preshared key be at least 20
characters long, and be a mix of letters and numbers.
RADIUS profile
Select the RADIUS profile the WAP-200 will use to validate user logins. Select
Access
Controller
to forward authentications traffic to a Colubris Networks access controller.
Accounting
Enable this option to have the WAP-200 generate a RADIUS accounting request ON/
OFF for each user authentication. The WAP-200 respects the RADIUS interim-update-
interval attribute if present inside the RADIUS access accept of the authentication.
Mandatory authentication
Requires that all wireless client stations authenticate.
Station ID delimiter
Select the one-character delimiter that will be used to format both the calling station ID
and the called station ID attributes in RADIUS packets. By default, the IEEE standard is
used, which is a dash.
Station ID MAC case
Select the case applied to the station delimiter if it is a letter.
802.1x
This option enables support for users with 802.1x client software. The WAP-200
supports 802.1x client software that uses EAP-TLS, EAP-TTLS, EAP-SIM, and PEAP.
Note:
Colubris Networks recommends that you do not use 802.1x unless you enable
WEP encryption.
RADIUS profile
Select the RADIUS profile the WAP-200 will use to validate user logins. Select
Access
Controller
to forward authentications traffic to a Colubris Networks access controller.
WEP encryption
Enable the use of dynamic WEP keys for all 802.1x sessions. Dynamic key rotation
occurs on key 1, which is the broadcast key. Key 0 is the pair-wise key. It is automatically
generated by the WAP-200.
Key length and key change interval are set in the
Dynamic keys
box.
Accounting
Enable this option to have the WAP-200 generate a RADIUS accounting request ON/
OFF for each user authentication. The WAP-200 respects the RADIUS interim-update-
interval attribute if present inside the RADIUS access accept of the authentication.
Mandatory authentication
Requires that all wireless client stations authenticate.
Station ID delimiter
Select the one-character delimiter that will be used to format both the calling station ID
and the called station ID attributes in RADIUS packets. By default, the IEEE standard is
used, which is a dash.