3Com Corporation WL306 Manuel D’Utilisation
Setting up Security
29
type of encryption used if the access point is handling encryption. To maintain
wireless association, the encryption settings on clients and all the access points
they associate with must match exactly.
wireless association, the encryption settings on clients and all the access points
they associate with must match exactly.
In addition to providing wireless encryption, access point security can be
integrated with upper layer authentication provided by a RADIUS server on the
wired LAN using IEEE 802.1x support.
integrated with upper layer authentication provided by a RADIUS server on the
wired LAN using IEEE 802.1x support.
Security Settings
The following security settings are available on the Encryption page. Security
settings that use access point encryption also require you to select from the
options available under Access Point Encryption Settings, which are described in
“Access Point Encryption Settings”.
settings that use access point encryption also require you to select from the
options available under Access Point Encryption Settings, which are described in
“Access Point Encryption Settings”.
■
Access Point Local Authentication/Encryption—Disables upper-layer
authentication, so the access point handles both authentication and
encryption. It can be used with any of the encryption options described in
“Access Point Encryption Settings”.
authentication, so the access point handles both authentication and
encryption. It can be used with any of the encryption options described in
“Access Point Encryption Settings”.
■
RADIUS EAP-MD5 Authentication with Access Point Encryption—Enables
RADIUS authentication using MD5 (username-password) authentication. It can
be used with No Security (Open System), 40-bit Encryption Shared Key (Wi-Fi),
or 128-bit Encryption Shared Key as described in “Access Point Encryption
Settings”.
RADIUS authentication using MD5 (username-password) authentication. It can
be used with No Security (Open System), 40-bit Encryption Shared Key (Wi-Fi),
or 128-bit Encryption Shared Key as described in “Access Point Encryption
Settings”.
■
RADIUS Serial Authentication with Dynamic Encryption Key—Enables
mutual RADIUS authentication implementation, which allows client and
RADIUS to mutually authenticate (EAP-TLS) and perform user authentication
(EAP-MD5). You can select either 40-bit or 128-bit Dynamic Encryption.
Selecting Auto-Session Key Renew causes the access point and clients to
periodically change session keys, greatly enhancing security.
mutual RADIUS authentication implementation, which allows client and
RADIUS to mutually authenticate (EAP-TLS) and perform user authentication
(EAP-MD5). You can select either 40-bit or 128-bit Dynamic Encryption.
Selecting Auto-Session Key Renew causes the access point and clients to
periodically change session keys, greatly enhancing security.
RADIUS EAP-TLS Authentication with Dynamic Encryption Key
(Windows XP only)—Enables certificate-based mutual RADIUS authentication
with 40-bit or 128-bit Dynamic Encryption. This setting is supported for clients
running under Windows XP.
(Windows XP only)—Enables certificate-based mutual RADIUS authentication
with 40-bit or 128-bit Dynamic Encryption. This setting is supported for clients
running under Windows XP.
■
Access Point Local MAC Authentication/Encryption—Enables client
authentication through a list of MAC addresses stored on the access point.
Only clients whose MAC addresses are on the list can associate with the access
point. This option can be used with No Security (Open System), 40-bit
Encryption Shared Key (Wi-Fi), or 128-bit Encryption Shared Key as described in
“Access Point Encryption Settings”. For details on how to set up the access list,
see “Setting up a MAC Address Access List” on page 31.
authentication through a list of MAC addresses stored on the access point.
Only clients whose MAC addresses are on the list can associate with the access
point. This option can be used with No Security (Open System), 40-bit
Encryption Shared Key (Wi-Fi), or 128-bit Encryption Shared Key as described in
“Access Point Encryption Settings”. For details on how to set up the access list,
see “Setting up a MAC Address Access List” on page 31.
■
RADIUS MAC Authentication with Access Point Encryption—Enables
client authentication through a list of MAC addresses stored on a RADIUS
server. Only clients whose MAC addresses are on the list can associate with the
access point. This option can be used with No Security (Open System), 40-bit
Encryption Shared Key (Wi-Fi), or 128-bit Encryption Shared Key as described in
“Access Point Encryption Settings”. For details on how to create the MAC
authentication list on the RADIUS server, see RADIUS documentation.
client authentication through a list of MAC addresses stored on a RADIUS
server. Only clients whose MAC addresses are on the list can associate with the
access point. This option can be used with No Security (Open System), 40-bit
Encryption Shared Key (Wi-Fi), or 128-bit Encryption Shared Key as described in
“Access Point Encryption Settings”. For details on how to create the MAC
authentication list on the RADIUS server, see RADIUS documentation.
Access Point Encryption
Settings
The following encryption settings are available on the Encryption page. These
encryption settings are for Security settings that use access point encryption:
encryption settings are for Security settings that use access point encryption:
■
No Security (Open System)—No encryption is used. The network
communications could be intercepted by unintended recipients.
communications could be intercepted by unintended recipients.