Table of Contents
Advertisement
Administering the WMIC
Table 3
Security Types Assignable to SSIDs (continued)
Security Type
Description
Extensible
This option enables 802.1x authentication (such as
Authentication
LEAP, PEAP, EAP-TLS, EAP-TTLS, EAP-GTC, and
Protocol (EAP)
other 802.1X/EAP based products). It requires an IP
Authentication
address and shared secret for an authentication server
on the network (server authentication port 1645).
Because 802.1x authentication provides dynamic
encryption keys, a WEP key is not required.
WPA
WPA permits wireless access to users authenticated
against a database through the services of an
authentication server, and encrypts those users' IP
traffic with stronger algorithms than those used in
WEP. As with EAP authentication, the IP address and
shared secret for an authentication server on your
network (server authentication port 1645) are required.
This setting uses encryption ciphers, Temporal Key
Integrity Protocol (TKIP), open authentication + EAP,
network EAP authentication, key management WPA
mandatory, and RADIUS server authentication port
1645.
Security Features Enabled
Mandatory 802.1x authentication, In root
access point mode, client devices that
associate using this SSID must perform
802.1x authentication.
If radio clients are configured to
authenticate using EAP-FAST, open
authentication with EAP should also be
configured. If you do not configure open
authentication with EAP, the following GUI
warning message appears:
WARNING:
Network EAP is used for LEAP
authentication only. If radio clients are
configured to authenticate using
EAP-FAST, Open Authentication with EAP
should also be configured.
If you are using the command-line interface
(CLI), this warning message appears:
SSID CONFIG WARNING: [SSID]: If
radio clients are using EAP-FAST, AUTH
OPEN with EAP should also be configured.
Mandatory WPA authentication. Client
devices that associate using this SSID must
be WPA-capable.
If radio clients are configured to
authenticate using EAP-FAST, open
authentication with EAP should also be
configured. If you don't configure open
authentication with EAP, the following GUI
warning message appears:
WARNING:
Network EAP is used for LEAP
authentication only. If radio clients are
configured to authenticate using
EAP-FAST, Open Authentication with EAP
should also be configured.
If you are using the CLI, this warning
message appears:
SSID CONFIG WARNING: [SSID]: If
radio clients are using EAP-FAST, AUTH
OPEN with EAP should also be configured.
Cisco 3200 Series Wireless MIC Software Configuration Guide
Protecting the Wireless LAN
13
Hide quick links:
Advertisement
Table of Contents
