Security; Supporting Cam And Psp Stations - 3Com AirConnect User Manual

Security

Supporting CAM and
PSP Stations
Enabling the extended roaming feature is like giving an individual a local post
office forwarding address when leaving home for an extended period. When mail
arrives for the individual home address, it is forwarded by the local post office to
the current care-of-address. Using this method, only the local post office requires
notification of the individual current address. While this example represents the
general concept of extended roaming operation and functionality, it does not
represent the implementation of extended roaming used.
If you wish to use extended roaming, set your wireless clients for extended
roaming as specified in the AirConnect Wireless PC Card User Guide.
The following terms describe elements of the extended roaming feature:
A tunnel is the path taken by the original packet encapsulated within the
I
payload portion of a second packet to some destination on the network.
A Home Agent is an AP acting as a router on the wireless client home network.
I
The home agent intercepts packets sent to the wireless client home address
and tunnels the message to the wireless client at its current location. This
happens as long as the wireless client keeps its home agent informed of its
current location on some foreign link.
A Foreign Agent is an AP acting as a router at the wireless client location on a
I
foreign link. The foreign agent serves as the default router for packets sent out
by the wireless client connected on the same foreign link.
A care-of-address is the IP address used by the wireless client visiting a foreign
I
link. This address changes each time the wireless client moves to another
foreign link. It can also be viewed as an exit point of a tunnel between the
wireless client home agent and the wireless client itself.
Security involves two distinct areas: authentication and privacy. Authentication
ensures that only authorized users access the wireless network. Privacy ensures
that communication between authenticated users and the network cannot be
intercepted or overheard. The Access Control List provides authentication using
the wireless LAN service area and a system administrator-supplied list of all the
wireless client MAC addresses authorized to access the Home Service Area. Privacy
is ensured by enabling the 40-bit WEP encryption option.
Continuously Aware Mode (CAM) stations leave their radios on continuously to
hear every beacon and message transmitted. These systems operate without any
adjustments by the AP.
A beacon is a uniframe system packet broadcast by the AP to keep the network
synchronized. A beacon includes the wireless LAN service area, the AP address, the
Broadcast destination addresses, a time stamp, Delivery Traffic Indicator Maps, and
the Traffic Indicator Message (TIM).
Power Save Polling (PSP) stations power off their radios for long periods. When a
wireless client in PSP mode associates with an AP, it notifies the AP of its activity
status. The AP responds by buffering packets received for the wireless client. The
PSP-mode wireless client wakes up to listen to the AP beacon every n
Interval where is a PSP-mode value from the 1 to 5-range; the Beacon Interval is
n
set on the wireless client. When the wireless client wakes up and sees its bit set in
the TIM, it issues a poll request to the AP for packets stored for it. The AP sends
Theory of Operation 23
th Beacon