Cisco Cisco Aironet 350 Access Points 릴리즈 노트
6
Release Notes for Cisco Aironet 340 and 350 Series Access Points and 350 Series Bridges Running VxWorks Firmware Version 12.03T
OL-4150-01
Limitations and Restrictions
Note
Draft standard 8 is the default setting in VxWorks firmware version 11.05 and earlier, and it might
remain in effect when you upgrade the VxWorks firmware to version 11.06 or later. Verify the setting on
the Authenticator Configuration page in the management system to make sure that the best draft standard
for your network is selected.
remain in effect when you upgrade the VxWorks firmware to version 11.06 or later. Verify the setting on
the Authenticator Configuration page in the management system to make sure that the best draft standard
for your network is selected.
Use the Authenticator Configuration page in VxWorks firmware version 11.06 or later to select the draft
of the 802.1x protocol the access point or bridge radio should use. Follow these steps to set the draft for
your access point or bridge:
of the 802.1x protocol the access point or bridge radio should use. Follow these steps to set the draft for
your access point or bridge:
Step 1
Browse to the Authenticator Configuration page in the access point management system:
a.
On the Summary Status page, click Setup.
b.
On the Setup page, click Security.
c.
On the Security Setup page, click Authentication Server.
Step 2
Use the 802.1x Protocol Version (for EAP authentication) drop-down menu to select the draft of the
802.1x protocol the access point or bridge radio should use. Menu options include:
802.1x protocol the access point or bridge radio should use. Menu options include:
•
Draft 7—No radio firmware versions compliant with Draft 7 have LEAP capability, so you
should not need to select this setting.
should not need to select this setting.
•
Draft 8—Select this option if LEAP-enabled client devices that associate with this access point
or bridge use radio firmware versions 4.13, 4.16, or 4.23.
or bridge use radio firmware versions 4.13, 4.16, or 4.23.
•
802.1x-2001 (formerly Draft 10)—This is the default setting in firmware versions 11.06 and
later. Select this option if client devices that associate with this access point or bridge use
Microsoft Windows XP EAP authentication or if LEAP-enabled client devices that associate
with this access point or bridge use radio firmware version 4.25 or later.
later. Select this option if client devices that associate with this access point or bridge use
Microsoft Windows XP EAP authentication or if LEAP-enabled client devices that associate
with this access point or bridge use radio firmware version 4.25 or later.
Step 3
Click Apply or OK to apply the setting. The access point or bridge reboots.
Select WEP Key 1 as Transmit Key for EAP Authentication
If you use Network-EAP as the authentication type on your wireless network, you must select key 1 as
the transmit key on the access point or bridge AP Radio Data Encryption page. The access point or bridge
uses the WEP key you enter in key slot 1 to encrypt multicast and broadcast data signals that it sends to
EAP-enabled client devices. Because the access point or bridge transmits the WEP key used for multicast
messages to the EAP-enabled client device during the EAP authentication process, that key does not
have to appear in the EAP-enabled device’s WEP key list. The access point or bridge uses a dynamic
WEP key to encrypt unicast messages to EAP-enabled clients. When you set up a non-root bridge or
repeater access point to authenticate as a LEAP client, the bridge or repeater derives a dynamic WEP
key and uses it to communicate with the root bridge or access point. Bridges and repeaters not set up for
LEAP authentication use static WEP keys when communicating with other bridges and access points.
the transmit key on the access point or bridge AP Radio Data Encryption page. The access point or bridge
uses the WEP key you enter in key slot 1 to encrypt multicast and broadcast data signals that it sends to
EAP-enabled client devices. Because the access point or bridge transmits the WEP key used for multicast
messages to the EAP-enabled client device during the EAP authentication process, that key does not
have to appear in the EAP-enabled device’s WEP key list. The access point or bridge uses a dynamic
WEP key to encrypt unicast messages to EAP-enabled clients. When you set up a non-root bridge or
repeater access point to authenticate as a LEAP client, the bridge or repeater derives a dynamic WEP
key and uses it to communicate with the root bridge or access point. Bridges and repeaters not set up for
LEAP authentication use static WEP keys when communicating with other bridges and access points.
Note
If you do not use EAP authentication on your wireless network, you can select any WEP key as the
transmit key. If you use EAP authentication and you enable broadcast key rotation, you can enable WEP
without entering WEP keys.
transmit key. If you use EAP authentication and you enable broadcast key rotation, you can enable WEP
without entering WEP keys.