3com 3CRWE825075A Manual De Usuario
32
Configure the options as described below. When you are finished, click Apply.
n
MAC Authentication— Selecting MAC authentication allows you to define
access permission and precedence. Options are:
access permission and precedence. Options are:
Local MAC— With this option, the MAC address of the associating station is
compared against the local access control list. You must build this list (called the
MAC Authentication Table) as described in Local MAC Authentication below.
Use this option if you want to restrict wireless clients authentication to the access
point based off their MAC address.
RADIUS MAC— With this option, the MAC address of the associating station is
sent to the configured RADIUS server for validation. You must specify the
authentication sequence and the corresponding parameters for the remote
authentication protocol. See “RADIUS” on page 30 and “802.11x Setup” below.
Disable— No MAC address related checks are performed on a client requesting
authentication to the access point.
compared against the local access control list. You must build this list (called the
MAC Authentication Table) as described in Local MAC Authentication below.
Use this option if you want to restrict wireless clients authentication to the access
point based off their MAC address.
RADIUS MAC— With this option, the MAC address of the associating station is
sent to the configured RADIUS server for validation. You must specify the
authentication sequence and the corresponding parameters for the remote
authentication protocol. See “RADIUS” on page 30 and “802.11x Setup” below.
Disable— No MAC address related checks are performed on a client requesting
authentication to the access point.
n
802.1x Setup—802.1x is designed to enhance the security management of the
wireless network. Select one of the following options:
wireless network. Select one of the following options:
Disable— The access point will neither initiate nor respond to any 802.1x
authentication requests to or from wireless clients.
Supported — Legacy clients (non 802.1x) and 802.1x clients are both supported.
This is provided for ease of migration. This option works with WPA key
management set to either “WPA authentication over 802.1x” or “WPA pre-shared
key (PSK)” on the radio security page.
Required — Clients authenticate to a RADIUS server via the access point. Clients
are not allowed onto the wired LAN until authentication is successful. If two
Radios are installed and WPA is being used, both radios’ security must be set to
“WPA authentication over 802.1x” for the WPA key management when 802.1x is
Required. If one radio’s security is set to “WPA pre-shared key (PSK)” for WPA
key management and the other is “WPA authentication over 802.1x”, then the
802.1x Setup must be set to “Supported” instead.
When 802.1x is enabled, the broadcast and session key rotation intervals can also
be configured. Set these values to force the periodic refresh of broadcast or session
keys for each 802.1x client.
First set up the RADIUS authentication for the client on the RADIUS
authentication server. (See “RADIUS” on page 30.) Select Supported or Required
on the 802.1x Setup field above. Enter data as described in the following table.
authentication requests to or from wireless clients.
Supported — Legacy clients (non 802.1x) and 802.1x clients are both supported.
This is provided for ease of migration. This option works with WPA key
management set to either “WPA authentication over 802.1x” or “WPA pre-shared
key (PSK)” on the radio security page.
Required — Clients authenticate to a RADIUS server via the access point. Clients
are not allowed onto the wired LAN until authentication is successful. If two
Radios are installed and WPA is being used, both radios’ security must be set to
“WPA authentication over 802.1x” for the WPA key management when 802.1x is
Required. If one radio’s security is set to “WPA pre-shared key (PSK)” for WPA
key management and the other is “WPA authentication over 802.1x”, then the
802.1x Setup must be set to “Supported” instead.
When 802.1x is enabled, the broadcast and session key rotation intervals can also
be configured. Set these values to force the periodic refresh of broadcast or session
keys for each 802.1x client.
First set up the RADIUS authentication for the client on the RADIUS
authentication server. (See “RADIUS” on page 30.) Select Supported or Required
on the 802.1x Setup field above. Enter data as described in the following table.
Field
Default
Description
Broadcast Key Refresh Rate 0
(minutes)
Defines how long the RADIUS server will
refresh the primary broadcast key.
refresh the primary broadcast key.