beautypg.com

Configuring an authentication mode, Configuration guidelines – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 382

background image

361

Service

type

Authenticati

on mode

Encryption

type

Security IE

WEP

encryption/key ID Port mode

Crypto

Open-System

Selected Required

WEP encryption is
available
The key ID can be 2,
3, or 4.

mac and psk

psk

userlogin-secure-ext

Unselected Unavailable

WEP encryption is
required
The key ID can be 1,
2, 3 or 4.

mac-authentication

userlogin-secure

userlogin-secure-ext

Shared-Key Unavailable Unavailable

WEP encryption is
required
The key ID can be 1,
2, 3 or 4.

mac-authentication

Open-System
and
Shared-Key

Selected Required

WEP encryption is
required
The key ID can be 1,

2, 3 or 4.

mac and psk

psk

userlogin-secure-ext

Unselected Unavailable

WEP encryption is
required
The key ID can be 1,
2, 3 or 4.

mac-authentication

userlogin-secure

userlogin-secure-ext

Configuring an authentication mode

WLAN access supports the following client authentication modes:

Centralized—The AC authenticates clients. In centralized authentication mode, the data forwarding
mode is determined by the forwarding mode settings (see "

Configuring advanced settings for the

clear-type wireless service

"). If the connection between AC and AP fails, whether to log off clients

associated with the AP depends on the remote AP settings (see "

Configuring APs

").

Local—The AP authenticates clients. Use this mode in simple networks. In this mode, the AP directly
forwards data frames from clients. If the connection between AP and AC fails, the AP does not log

off locally authenticated clients and accepts new clients after they pass local authentication.

Backup—When the AP-AC connection is correct, the AC authenticates clients. When the
connection fails, the AP authenticates clients and performs local forwarding. When the AP

re-establishes a connection with the AC, the AP logs out all clients and the AC re-authenticates

clients.

Configuration guidelines

If clients are authenticated remotely, make sure the AP is still connected to the authentication server
when the AC-AP connection fails. Otherwise, the existing clients go offline. You can deploy the

authentication server at the AP side (see "

Configuring clear-type wireless service

").

Portal authentication is not supported.

Clients authenticated by the AP do not support roaming.

Locally authenticated clients do not support roaming and client information backup. For more
information about client information backup, see "

Configuring advanced settings

."