beautypg.com

H3C Technologies H3C Intelligent Management Center User Manual

Page 199

background image

177

Encryption

Security information parameters

timeout value configured on the RADIUS server.

Secondary RADIUS Server—Click the box next to the Secondary RADIUS

Server field to enable the secondary authentication server.

Address—Enter the IP address or domain name of the secondary

authentication server. This field appears only when Secondary RADIUS Server

is enabled.

Secret—Enter the password used for communication between the fat AP and

the secondary authentication server. This field appears only when Secondary

RADIUS Server is enabled.

WPA Pre-Shared

Key

Version—Select a WPA version from the list. Options are WPA, WPA2, and

WPA or WPA2. The default cipher value varies with the WPA version. For more
information, see

Table 13

.

Cipher—Select a link layer encryption protocol from the list. Options are TKIP,
CCMP (AES), and TKIP+CCMP (AES). The parameter is determined by

Encryption and Version.

{

TKIP—Temporal key integrity protocol uses the RC4 algorithm as WEP does,
but provides more secure protection for WLAN.

{

CCMP (AES)—Counter mode with CBC-MAC protocol is a Counter-
Mode/CBS-MAC mechanism based on advanced encryption standard

(AES) to provide high security.

Key Type—Key type defaults to ASCII, which cannot be modified.

Pre-Shared Key—Enter the pre-shared key.

WPA 802.1X

Version—Select a WPA version from the list. Options are WPA, WPA2, and

WPA or WPA2. The default cipher value varies with WPA versions. For more
information, see

Table 13

.

Cipher—Select a link layer encryption protocol from the list. Options include

TKIP, CCMP (AES), and TKIP+CCMP (AES). The parameter is determined by
Encryption and Version.

Address (Primary Authentication Server)—Enter the IP address or domain

name of the primary authentication server.

Port—Enter the port used by the authentication server to listen for

authentication packets.

Secret—Enter the password used for communication between the fat AP and

the authentication server.

Retry Interval (s)—Specify the time the fat AP must wait before retrying to

connect to the authentication server after a connection times out.

Retry Timeout (s)—Select the box next to the Retry Timeout (s) field to enable

the server response timeout timer, and specify the server response timeout time.

The value is in the range 2 to 60. If a fat AP sends an authentication request to
the authentication server but receives no response in the specified time, it

considers the authentication request timed out. If you do not enable this

feature, the fat AP determines whether an authentication request has timed out
according to the default timeout value configured on the RADIUS server.

Secondary RADIUS Server—Select the box next to the Secondary RADIUS

Server field to enable the secondary authentication server.

Address—This field appears only when Secondary RADIUS Server is enabled.

Enter the IP address or domain name of the secondary authentication server.

Secret—This field appears only when Secondary RADIUS Server is enabled.

Enter the password used for communication between the fat AP and the

secondary authentication server.

See also other documents in the category H3C Technologies Safety: