Enterasys Networks 9033900-04 Benutzerhandbuch
Command Groups
RoamAbout Access Point 3000 Configuration Guide
A-145
wpa-clients
This command defines whether Wi‐Fi Protected Access (WPA) is required, optionally supported,
or not supported for client stations.
or not supported for client stations.
Syntax
wpa-clients <not-supported | required | supported>
• not‐supported ‐ Access point does not support clients using WPA.
• required ‐ Supports only clients using WPA.
• supported ‐ Support clients with or without WPA.
Default Setting
Supported
Command Mode
Interface Configuration (Wireless)
Interface Configuration (Wireless): VAP
Command Usage
• Use this command for the default interface or any of the seven VAPs configurable per radio
interface.
• Wi‐Fi Protected Access (WPA) provides improved data encryption, which was weak in
WEP, and user authentication, which was largely missing in WEP. WPA uses the following
security mechanisms.
security mechanisms.
• Enhanced Data Encryption through TKIP
• WPA uses Temporal Key Integrity Protocol (TKIP). TKIP provides data encryption
enhancements including per‐packet key hashing (i.e., changing the encryption key on each
packet), a message integrity check, an extended initialization vector with sequencing rules,
and a re‐keying mechanism.
packet), a message integrity check, an extended initialization vector with sequencing rules,
and a re‐keying mechanism.
• Enterprise‐level User Authentication via 802.1x and EAP
• To strengthen user authentication, WPA uses 802.1x and the Extensible Authentication
Protocol (EAP). Used together, these protocols provide strong user authentication via a
central RADIUS authentication server that authenticates each user on the network before
they join it. WPA also employs “mutual authentication” to prevent a wireless client from
accidentally joining a rogue network.
central RADIUS authentication server that authenticates each user on the network before
they join it. WPA also employs “mutual authentication” to prevent a wireless client from
accidentally joining a rogue network.