Security Profile Example - ZyXEL Communications UAG Series Reference Manual
Unified access gateway
Hide thumbs
Also See for UAG Series:
- User manual (323 pages) ,
- Cli reference manual (282 pages) ,
- Quick start manual (2 pages)
Table of Contents
Advertisement
Table 21 Command Summary: Security Profile (continued)
COMMAND
wpa-encrypt {tkip | aes | auto}
wpa-psk {wpa_key | wpa_key_64}
[no] wpa2-preauth
[no] reauth <30..30000>
idle <30..30000>
group-key <30..30000>
[no] dot1x-eap
eap {external | internal auth_method}
[no] server-auth <1..2> activate
server-auth <1..2> ip address ipv4_address
port <1..65535> secret secret
[no] server-auth <1..2>
exit
7.5.1 Security Profile Example
The following example creates a security profile with the name 'SECURITY01'..
Router(config)# wlan-security-profile SECURITY01
Router(config-security-profile)# mode wpa2
Router(config-security-profile)# wpa-encrypt aes
Router(config-security-profile)# wpa-psk 12345678
Router(config-security-profile)# idle 3600
Router(config-security-profile)# reauth 1800
Router(config-security-profile)# group-key 1800
Router(config-security-profile)# exit
Router(config)#
UAG CLI Reference Guide
DESCRIPTION
Sets the WPA/WPA2 encryption cipher type.
auto: This automatically chooses the best available cipher based
on the cipher in use by the wireless client that is attempting to
make a connection.
tkip: This is the Temporal Key Integrity Protocol encryption
method added later to the WEP encryption protocol to further
secure. Not all wireless clients may support this.
aes: This is the Advanced Encryption Standard encryption
method, a newer more robust algorithm than TKIP Not all
wireless clients may support this.
Sets the WPA/WPA2 pre-shared key.
Enables pre-authentication to allow wireless clients to switch APs
without having to re-authenticate their network connection. The
RADIUS server puts a temporary PMK Security Authorization
cache on the wireless clients. It contains their session ID and a
pre-authorized list of viable APs.
Use the no parameter to disable this.
Sets the interval (in seconds) between authentication requests.
The default is 0.
Sets the idle interval (in seconds) that a client can be idle before
authentication is discontinued.
The default is 300.
Sets the interval (in seconds) at which the AP updates the group
WPA/WPA2 encryption key.
The default is 1800.
Enables 802.1x secure authentication. Use the no parameter to
disable it.
Sets the 802.1x authentication method.
Activates server authentication. Use the no parameter to
deactivate.
Sets the IPv4 address, port number and shared secret of the
RADIUS server to be used for authentication.
Clears the server authentication setting.
Exits configuration mode for this profile.
Chapter 7 Wireless LAN Profiles
69
Advertisement
Table of Contents
