Accton Technology 2555WAG2 Manuel D’Utilisation
Command Line Interface
7-124
7
Command Mode
Interface Configuration (Wireless-VAP)
Command Usage
• WPA2 provides fast roaming for authenticated clients by retaining keys and
other security information in a cache, so that if a client roams away from an
access point and then returns reauthentication is not required.
access point and then returns reauthentication is not required.
• When a WPA2 client is first authenticated, it receives a Pairwise Master Key
(PMK) that is used to generate other keys for unicast data encryption. This
key and other client information form a Security Association that the access
point names and holds in a cache. The lifetime of this security association
can be configured with this command. When the lifetime expires, the client
security association and keys are deleted from the cache. If the client
returns to the access point, it requires full reauthentication.
key and other client information form a Security Association that the access
point names and holds in a cache. The lifetime of this security association
can be configured with this command. When the lifetime expires, the client
security association and keys are deleted from the cache. If the client
returns to the access point, it requires full reauthentication.
• The access point can store up to 256 entries in the PMKSA cache.
Example
pre-authentication
This command enables WPA2 pre-authentication for fast secure roaming.
Syntax
pre-authentication <enable | disable>
• enable - Enables pre-authentication for the VAP interface.
• disable - Disables pre-authentication for the VAP interface.
• disable - Disables pre-authentication for the VAP interface.
Default Setting
Disabled
Command Mode
Interface Configuration (Wireless-VAP)
Command Usage
• Each time a client roams to another access point it has to be fully
re-authenticated. This authentication process is time consuming and can
disrupt applications running over the network. WPA2 includes a
mechanism, known as pre-authentication, that allows clients to roam to a
new access point and be quickly associated. The first time a client is
authenticated to a wireless network it has to be fully authenticated. When
the client is about to roam to another access point in the network, the
access point sends pre-authentication messages to the new access point
that include the client’s security association information. Then when the
client sends an association request to the new access point the client is
disrupt applications running over the network. WPA2 includes a
mechanism, known as pre-authentication, that allows clients to roam to a
new access point and be quickly associated. The first time a client is
authenticated to a wireless network it has to be fully authenticated. When
the client is about to roam to another access point in the network, the
access point sends pre-authentication messages to the new access point
that include the client’s security association information. Then when the
client sends an association request to the new access point the client is
Enterprise AP(if-wireless g: VAP[0])#wpa-pre-shared-key ASCII agoodsecret
Enterprise AP(if-wireless g: VAP[0])#
Enterprise AP(if-wireless g: VAP[0])#