beautypg.com

Protocols and standards, Configuring wlan security, Enabling an authentication method – H3C Technologies H3C WA2600 Series WLAN Access Points User Manual

Page 19

background image

5-4

1) PSK

authentication

Both WPA wireless access and WPA2 wireless access support PSK authentication. To implement PSK

authentication, the client and the authenticator must have the same shared key configured.

2) 802.1X

authentication

As a port-based access control protocol, 802.1X authenticates and controls accessing devices at the

port level. A device connected to an 802.1X-enabled port of a WLAN access control device can access

the resources on the WLAN only after passing authentication.

3) MAC

authentication

MAC authentication provides a way for authenticating users based on ports and MAC addresses. For

this authentication, the user does not need to install any client software. When the device first detects

the MAC address of a user, it starts the authentication for the user. During the authentication process,

the user does not need to manually input username or password. In WLAN applications, MAC

authentication needs to get the MAC addresses of the clients in advance. Therefore, MAC

authentication is applicable to small-scaled networks with relatively fixed users, for example, SOHO

and small offices.

Protocols and Standards

z

IEEE Standard for Information technology— Telecommunications and information exchange

between systems— Local and metropolitan area networks— Specific requirements -2004

z

WI-FI Protected Access – Enhanced Security Implementation Based On IEEE P802.11i

Standard-Aug 2004

z

Information technology—Telecommunications and information exchange between

systems—Local and metropolitan area networks—Specific requirements—802.11, 1999

z

IEEE Standard for Local and metropolitan area networks” Port-Based Network Access

Control”802.1X™- 2004

Configuring WLAN Security

To configure WLAN Security on a service template, map the service template to a radio. The SSID

name, advertisement setting (beaconing), and encryption settings are configured in the service

template. You can configure the SSID to support any combination of WPA, RSN, and non-WPA clients.

Task

Description

Enabling an Authentication Method

Required

Configuring the PTK Lifetime

Optional

Configuring the GTK Rekey Method

Optional

Configuring Security IE

Required

Configuring Cipher Suit

Required

Configuring Port Security

Optional

Enabling an Authentication Method

You can enable both open system authentication and shared key authentication or either of them.

This manual is related to the following products: