Interface 2; Security - Proxim ORiNOCO AP-800 Installation And Management Manual

3.4.2 Interface 2

The Interface 2 (Radio2) of the device is dedicated exclusively for Wi-Fi Coverage. To configure Wireless Interface 2 properties,
follow the same procedure as explained in
By default, the Operational Mode for Interface 2 (Radio2) is set to 802.11g/n. However, you can also configure the
operational mode for Interface 2 in either 802.11a, 802.11g or 802.11g/n modes.
: For the JP (Japan) SKU, the Interface 2 (Radio2) of AP-8000, can be configured only in 2.4GHz frequency band, that
is in 802.11g or 802.11g/n modes. By default, the Operational Mode for Interface 2 (Radio2) is set to 802.11g/n.
All the configuration properties for interface 2 (Radio 2) are same as interface (Radio) 1 properties. To configure the properties
and 11n properties on interface 2, refer
Virtual Access Point
refer
: Interface 2 configuration is not applicable to AP-800, as it supports only one interface (radio).

3.5 Security

The device supports enhanced security features that enable you to prevent unauthorized access or damage to the nodes on
the wireless networks.
The device supports the following security features.
•
Wired Equivalent Privacy (WEP) Encryption
WEP provide confidentiality for network traffic by using the wireless protocol. WEP encrypts the data portion of each
packet exchanged on an 802.11 network by using an Encryption Key (also known as a WEP Key). When Encryption is
enabled, two 802.11 devices must have the same Encryption Keys and both devices must be configured to use
Encryption in order to communicate.
•
802.1x Authentication
802.1x provides an authentication framework for wireless LANs, allowing a user to be authenticated by a central
authority. 802.1x uses an existing protocol, the Extensible Authentication Protocol (EAP, RFC 2284), that works on
Ethernet, Token Ring, or wireless LANs for message exchange during the authentication process.
In a wireless LAN with 802.1x, a user (known as the Supplicant) requests access to an Access Point (known as the
Authenticator). The Access Point forces the user into an unauthorized state that allows the client to send only an EAP
start message. The Access Point returns an EAP message requesting the user's identity. The client returns the identity,
which is then forwarded by the Access Point to the authentication server (Remote Authentication Dial-In User Service
(RADIUS)), which uses an algorithm to authenticate the user and then returns an accept or reject message back to the
Access Point. Assuming an accept was received, the Access Point changes the client's state to authorized and normal
traffic can now flow.
•
Wi-Fi Protected Access (WPA/802.11i [WPA2])
– WPA: WPA is a replacement for WEP. WPA uses the Temporal Key Integrity Protocol (TKIP) for key management,
and offers a choice of either the 802.1x authentication framework together with extensible authentication protocol
(EAP) for enterprise WLAN security (Enterprise mode), or simpler pre-shared key (PSK) authentication for the home
or small office network which does not have an authentication server (Personal mode).
– WPA2: IEEE 802.11i, also known as WPA2, is an amendment to the 802.11 standard specifying security
mechanisms for wireless networks. 802.11i uses Advanced Encryption Standard (AES) block cipher.
ORiNOCO® AP-800 and AP-8000 Installation and Management Guide
Interface
Properties
(VAP).
Device Configuration Using Web Interface
1.
11n Properties, respectively. To configure the VAPs on interface 2,
and
57