Tranzeo Wireless Technologies Inc GNVPZ1NT3 Manuale Utente
Chapter 12: Virtual Access Point (VAP)
Configuration
TR0153 Rev. E1
94
CLI
The example below shows how to enable WPA-PSK mode for wlan1. The ‘wpa.key_mgmt’
parameter must also be set to indicate that PSK mode is being used, as shown below.
parameter must also be set to indicate that PSK mode is being used, as shown below.
> use wlan1
wlan1> set wpa.enable=yes
wlan1> set wpa.key_mgmt=”WPA-PSK”
wlan1> set wpa.passphrase=long_passphrases_improve_encryption_effectiveness
wlan1> set wpa.enable=yes
wlan1> set wpa.key_mgmt=”WPA-PSK”
wlan1> set wpa.passphrase=long_passphrases_improve_encryption_effectiveness
Web GUI
WPA-PSK can be enabled and the pre-shared key can be set via the web interface using the
“WPA/WEP” sub-tab under the “AAA” tab on the “System Parameters” page (see Figure 45).
Select “WPA-PSK” as the type of encryption/authentication from the drop-down menu for the
VAP you wish to configure and enter the WPA-PSK key in the text box below the drop-down
menu. In the example in Figure 45, ‘wlan2’ has been configured to use WPA-PSK.
“WPA/WEP” sub-tab under the “AAA” tab on the “System Parameters” page (see Figure 45).
Select “WPA-PSK” as the type of encryption/authentication from the drop-down menu for the
VAP you wish to configure and enter the WPA-PSK key in the text box below the drop-down
menu. In the example in Figure 45, ‘wlan2’ has been configured to use WPA-PSK.
12.9.3
WPA EAP Mode
In WPA-EAP mode, a client device is authenticated using an 802.1x authentication server,
which is typically a RADIUS server.
The supported EAP modes are:
• TLS
which is typically a RADIUS server.
The supported EAP modes are:
• TLS
(X509v3 server & client certificates)
• PEAP-TLS
(X509v3 server & client certificates)
• TTLS
(X509v3 server certificate)
• PEAP-MSCHAPv2
(X509v3 server certificate)
The following information must be provided about the RADIUS server:
• address – the IP address of the 802.1x server that will be used for authentication
• port – the port that the authentication server is listening on (UDP port 1812 by default)
• secret – the shared secret for the authentication server. The secret must be a string that is
no longer than 32 characters in length.
See section 19.5 for instructions on how to test the RADIUS configuration and a specific set of
credentials.
CLI
To configure the EnRoute500 to support 802.1x authentication, the following parameters in a
‘wlanN’ interface must be set:
‘wlanN’ interface must be set: