Foundry Networks IronPoint 200 User Manual page 163

802.1x Setup – You can enable 802.1x as optionally supported or as required to enhance the
security of the wireless network. When 802.1x is enabled, the broadcast and session key rotation
intervals can also be configured for the VAP interface. (Default: Disable)
• Disable: The VAP interface does not support 802.1x authentication for any wireless client. After
successful wireless association with the access point, each client is allowed to access the
network.
• Supported: The VAP interface supports 802.1x authentication only for clients initiating the 802.1x
authentication process (the access point does not initiate 802.1x authentication). For clients
initiating 802.1x, only those successfully authenticated are allowed to access the network. For
those clients not initiating 802.1x, access to the network is allowed after successful wireless
association with the access point.
• Required: The VAP interface enforces 802.1x authentication for all associated wireless clients.
If 802.1x authentication is not initiated by a client, the access point will initiate authentication. Only
those clients successfully authenticated with 802.1x are allowed to access the network.
• Broadcast Key Refresh Rate: If 802.1x is set to Supported or Required, sets the interval at
which the broadcast keys are refreshed for stations using 802.1x dynamic keying. (Range: 0, 60-
1440 minutes; 0 means disabled. Default: 120 minutes)
• 802.1x Re-authentication Refresh Rate: If 802.1x is set to Supported or Required, sets the time
period after which a connected client must be re-authenticated. During the re-authentication
process of verifying the client's credentials on the RADIUS server, the client remains connected
the network. Only if re-authentication fails is network access blocked. (Range: 0, 60-1440
minutes; Default: 0 means disabled)
November 2006 © 2006 Foundry Networks, Inc.
Wireless Client Authentication
18-9