Protocols and standards, Configuring wlan security, Enabling an authentication method – H3C Technologies H3C WA2600 Series WLAN Access Points User Manual
Page 19
5-4
1) PSK
authentication
Both WPA wireless access and WPA2 wireless access support PSK authentication. To implement PSK
authentication, the client and the authenticator must have the same shared key configured.
2) 802.1X
authentication
As a port-based access control protocol, 802.1X authenticates and controls accessing devices at the
port level. A device connected to an 802.1X-enabled port of a WLAN access control device can access
the resources on the WLAN only after passing authentication.
3) MAC
authentication
MAC authentication provides a way for authenticating users based on ports and MAC addresses. For
this authentication, the user does not need to install any client software. When the device first detects
the MAC address of a user, it starts the authentication for the user. During the authentication process,
the user does not need to manually input username or password. In WLAN applications, MAC
authentication needs to get the MAC addresses of the clients in advance. Therefore, MAC
authentication is applicable to small-scaled networks with relatively fixed users, for example, SOHO
and small offices.
Protocols and Standards
z
IEEE Standard for Information technology— Telecommunications and information exchange
between systems— Local and metropolitan area networks— Specific requirements -2004
z
WI-FI Protected Access – Enhanced Security Implementation Based On IEEE P802.11i
Standard-Aug 2004
z
Information technology—Telecommunications and information exchange between
systems—Local and metropolitan area networks—Specific requirements—802.11, 1999
z
IEEE Standard for Local and metropolitan area networks” Port-Based Network Access
Control”802.1X™- 2004
Configuring WLAN Security
To configure WLAN Security on a service template, map the service template to a radio. The SSID
name, advertisement setting (beaconing), and encryption settings are configured in the service
template. You can configure the SSID to support any combination of WPA, RSN, and non-WPA clients.
Task
Description
Enabling an Authentication Method
Required
Optional
Configuring the GTK Rekey Method
Optional
Required
Required
Optional
Enabling an Authentication Method
You can enable both open system authentication and shared key authentication or either of them.