HP ProCurve 420 Management And Configuration Manual page 135

– None: The access point does not use 802.1X authentication for
any wireless client. After successful wireless association with the
access point, each client is allowed to access the network.
– Supported: The access point supports 802.1X authentication
only for clients initiating the 802.1X authentication process (the
access point does not initiate 802.1X authentication). For clients
initiating 802.1X, only those successfully authenticated are
allowed to access the network. For those clients not initiating
802.1X, access to the network is allowed after successful wireless
association with the access point.
– Required: The access point enforces 802.1X authentication for
all associated wireless clients. If 802.1X authentication is not
initiated by a client, the access point will initiate authentication.
Only those clients successfully authenticated with 802.1X are
allowed to access the network.
• Cipher: Indicates the encryption method used for multicast (and
broadcast) and unicast traffic.
– wep-tkip: Using WEP keys for multicast encryption and TKIP
keys for unicast encryption.
– tkip-tkip: Using TKIP keys for both multicast and unicast
encryption.
– aes-aes: Using AES keys for both multicast and unicast encryp­
tion.
For security wizard options that require a RADIUS server, parameters can be
configured on the Auth. Servers window. See "Web: Setting RADIUS Server
Parameters" on page 5-42 for more details. The Auth. Servers window also
provides the following 802.1X parameters for reauthentication and key refresh
rates when using dynamic WEP or WPA security:
Broadcast Key Refresh Rate: Sets the interval at which the broadcast
■
keys are refreshed for stations using 802.1X dynamic keying. (Range: 0 -
1440 minutes; Default: 0 = disabled)
Session Key Refresh Rate: The interval at which the access point
■
refreshes unicast session keys for associated clients. (Range: 0 - 1440
minutes; Default: 0 = disabled)
■ 802.1x Reauthentication Refresh Rate: The time period after which a
connected client must be re-authenticated. During the re-authentication
process of verifying the client credentials on the RADIUS server, the client
remains connected the network. Only if re-authentication fails is network
access blocked. (Range: 0-65535 seconds; Default: 0 = Disabled)
To Configure Static WEP Shared Keys:
Select the Security tab.
1.
Access Point Configuration
Configuring Wireless Security
5-77