Configuring Security Settings - HP WL520 User Manual

Hide thumbs Also See for WL520:

User manual (115 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

Table of Contents

Upon receiving a reply EAP packet from the RADIUS, the message is typically forwarded to the client PC, after translating it

back to the EAPOL format. Negotiations take place between the client PC and the RADIUS server. After the client has been

successfully authenticated, the client PC receives an encryption key from the WL520 (if the EAP type supports automatic key

distribution). The client uses this key to encrypt data after it has been authenticated. For 802.11a, each client receives its own

unique encryption key; this is known as Per User Per Session Encryption keys. (This feature is only available when using 802.1x

mode; it is not available when in Mixed mode or using WEP encryption only).

configuring security settings

Click the 802.1x tab in the

configuration settings for standard encryption (that does not use 802.1x) are located on the Encryption page.) The WL520

software offers four security settings:

No security or encryption

Set the 802.1x Security Mode to

Encryption page.

WEP encryption only on one or both wireless interfaces

WEP encryption is the wireless equivalent of the security level available through a wired network. Select the 802.1x

Security Mode to

wireless PC Cards. The available Encryption Key Length varies based on the card type. See

each Wireless

Interface.

802.1x security (requires RADIUS server authentication)

When you decide to use the 802.1x security mode, you must first configure the RADIUS server to receive an

authentication response (see

operating system must also be configured to receive and send authenticated packets. Then, set 802.1x Security Mode

to 802.1x. In addition, you must select an Encryption Key Length

card type) and a Re-keying Interval. The rekey feature determines how often your encryption key is changed (the

interval between changes) and can be set to any value between 60 - 65535 seconds. Rekeying frustrates hacking

attempts without taxing system resources. Setting a fairly frequent rekey value (900 seconds=15 minutes) effectively

protects against intrusion without disrupting network activities. For detailed configuration steps, see

WL520 using 802.1x Security

Mixed mode with 802.1x and WEP encryption

Mixed mode supports both 802.1x and WEP encryption simultaneously. To use this option, set 802.1x Security Mode

to Mixed and configure the 802.1x settings (Encryption Key Length and Re-keying interval), Encryption settings

(enable Encryption and enter key 1), and RADIUS server settings. For Encryption settings, enable Encryption on the

required interfaces and enter key 1 (keys 2-4 are not required).

NOTE:

In Mixed mode, when entering Encryption Key 1

configured for Encryption Key Length

Encryption Key Length on the 802.1x page.

Encryption Key Length

setting up the wl520 using 802.1x security mode

In the Web Interface, click the

Select the

802.1x

NOTE:

Ignore the reboot message - this can be done when the entire procedure is finished.

Select the

RADIUS

Enable the Primary RADIUS server. (You must specify information for at least the Primary RADIUS server. The Backup

RADIUS server is optional.)

Enter an

Authorization Lifetime

re-authenticated). Range is 60 - 43200 seconds (in 60 sec increments); default is 900 sec.

Select a

Server Addressing Format

Client functionality. See

Enter the Server Name or IP Address for the Primary RADIUS server.

Enter the

Destination Port

communication port defined.

Enter the RADIUS server password in the

10. Configure the

Response Time

and

Maximum Retransmission

11. Reboot the WL520 device for these changes to take effect.

screen to set the 802.1x security mode for the WL520. (Note that the

Security Configuration

on the 802.1x page and disable Encryption for both interface cards on the

none

on the 802.1x page. Click the Encryption

none

RADIUS Authentication Settings

Encryption Key Length

Encryption Key Length for each wireless interface (key size varies based on

Mode.

Encryption Key 1

Encryption Key 1 on the Encryption page, you must use the same size key that you

Encryption Key 1

button and select the

Configure

tab. Set the

802.1x Security Mode

tab and the

sub-tab.

Radius Auth

(the length of time, in seconds, that can elapse before a client session is automatically

(either name or IP address). Use a server name only if you have enabled the DNS

RADIUS DNS Host Name

. The default is 1812, however your RADIUS server provider may have another

Shared Secret

(the maximum time, in seconds, to wait for the RADIUS server to respond to a request)

(the maximum number of times a request may be retransmitted) values.

Other Security Configuration Settings

Encryption tab and

Encryption

enable

for information on the server settings). Your computer

tab.

Security

to 802.1x

802.1x or Mixed

Mixed and click

802.1x

Mixed

Support.

and

Confirm Shared Secret

the Encryption status for one or both

Set WEP Encryption for

802.1x Security Mode

Setting Up the

802.1x Security Mode

fields.

2-24

Table of Contents

Configuring Security Settings - HP WL520 User Manual

configuring security settings

Related Manuals for HP WL520

Related Content for HP WL520

Table of Contents