H3C WA Series WLAN Access Points. WLAN Configuration Guide. Hangzhou H3C Technologies Co., Ltd. Document Version: 6W

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "H3C WA Series WLAN Access Points. WLAN Configuration Guide. Hangzhou H3C Technologies Co., Ltd. Document Version: 6W"

Transcription

1 H3C WA Series WLAN Access Points WLAN Configuration Guide Hangzhou H3C Technologies Co., Ltd. Document Version: 6W

2 Copyright 2010, Hangzhou H3C Technologies Co., Ltd. and its licensors All Rights Reserved No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Hangzhou H3C Technologies Co., Ltd. Trademarks H3C,, Aolynk,, H 3 Care,, TOP G,, IRF, NetPilot, Neocean, NeoVTL, SecPro, SecPoint, SecEngine, SecPath, Comware, Secware, Storware, NQA, VVG, V 2 G, V n G, PSPT, XGbus, N-Bus, TiGem, InnoVision and HUASAN are trademarks of Hangzhou H3C Technologies Co., Ltd. All other trademarks that may be mentioned in this manual are the property of their respective owners. Notice The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute the warranty of any kind, express or implied.

3 Preface The H3C WA documentation set includes 10 configuration guides, which describe the software features for the H3C WA series WLAN access points and guide you through the software configuration procedures. These configuration guides also provide configuration examples to help you apply the software features to different network scenarios. The WLAN Configuration Guide describes WLAN interface, WLAN service, WLAN security, WLAN RRM, WLAN IDS, WLAN QoS, and WDS configurations. This preface includes: Audience Conventions About the H3C WA Documentation Set Obtaining Documentation Documentation Feedback Audience This documentation is intended for: Network planners Field technical support and servicing engineers Network administrators working with the WA series Conventions This section describes the conventions used in this documentation set. Command conventions Convention Boldface italic [ ] { x y... } [ x y... ] { x y... } * [ x y... ] * Description Bold text represents commands and keywords that you enter literally as shown. Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional. Braces enclose a set of required syntax choices separated by vertical bars, from which you select one. Square brackets enclose a set of optional syntax choices separated by vertical bars, from which you select one or none. Asterisk marked braces enclose a set of required syntax choices separated by vertical bars, from which you select at least one. Asterisk marked square brackets enclose optional syntax choices separated by vertical bars, from which you may select multiple choices or none.

4 Convention Description &<1-n> The argument or keyword and argument combination before the ampersand (&) sign can be entered 1 to n times. # A line that starts with a pound (#) sign is comments. GUI conventions Boldface > Convention Description Window names, button names, field names, and menu items are in Boldface. For example, the New User window appears; click OK. Multi-level menus are separated by angle brackets. For example, File > Create > Folder. Symbols Convention Description Means reader be extremely careful. Improper operation may cause bodily injury. Means reader be careful. Improper operation may cause data loss or damage to equipment. Means an action or information that needs special attention to ensure successful configuration or good performance. Means a complementary description. Means techniques helpful for you to make configuration with ease. About the H3C WA Documentation Set The H3C WA documentation set includes: Category Documents Purposes Product description and specifications Hardware specifications and installation Software configuration Marketing brochures Technology white papers Compliance and safety manual Quick start Installation guide Getting started guide Configuration guides Command references Describe product specifications and benefits. Provide an in-depth description of software features and technologies. Provides regulatory information and the safety instructions that must be followed during installation. Guides you through initial installation and setup procedures to help you quickly set up and use your AP with the minimum configuration. Guides you through hardware specifications and installation methods to help you install your AP. Guides you through the main functions of your AP, and describes how to install and log in to your AP, perform basic configurations, maintain software, and troubleshoot your AP. Describe software features and configuration procedures. Provide a quick reference to all available commands.

5 Category Documents Purposes Operations and maintenance User FAQ Release notes Provides answers to some of the most frequently asked questions on how to troubleshoot your AP. Provide information about the product release, including the version history, hardware and software compatibility matrix, version upgrade information, technical support information, and software upgrading. Obtaining Documentation You can access the most up-to-date H3C product documentation on the World Wide Web at Click the links on the top navigation bar to obtain different categories of product documentation: [Technical Support & Documents > Technical Documents] Provides hardware installation, software upgrading, getting started, and software feature configuration and maintenance documentation. [Products & Solutions] Provides information about products and technologies, as well as solutions. [Technical Support & Documents > Software Download] Provides the documentation released with the software version. Documentation Feedback You can your comments about product documentation to We appreciate your comments.

6 Table of Contents 1 Applicable Models and Software Versions Feature Matrix Command/Parameter Matrix WLAN Interface Configuration Overview WLAN-Radio Interface Introduction Configuring a WLAN-Radio Interface WLAN-BSS Interface Introduction Configuring a WLAN-BSS Interface WLAN Mesh Interface Introduction Entering WLAN Mesh Interface View Configuring a WLAN Mesh Interface WLAN Mesh Link Interface Displaying and Maintaining a WLAN Interface WLAN Security Configuration WLAN Security Configuration Overview Authentication Modes WLAN Data Security Client Access Authentication Protocols and Standards Configuring WLAN Security Enabling an Authentication Method Configuring the PTK Lifetime Configuring the GTK Rekey Method Configuring Security IE Configuring Cipher Suit Configuring Port Security Displaying and Maintaining WLAN Security WLAN Security Configuration Examples PSK Authentication Configuration Example MAC-and-PSK Authentication Configuration Example X Authentication Configuration Example Dynamic WEP Encryption-802.1X Authentication Configuration Example Supported Combinations for Ciphers i

7 6 WLAN RRM Configuration Overview Configuration Task list Configuring Data Transmission Rates Configuring a/802.11b/802.11g Rates Configuring n Rates Configuring Power Constraint Prerequisites Configuring Power Constraint Configuring Only Non h Channels to Be Scanned Configuring Only Non h Channels to Be Scanned Enabling g Protection Displaying and Maintaining WLAN RRM WLAN IDS Configuration WLAN IDS Overview Terminology WLAN IDS IPS Configuring IDS Attack Detection Configuring IDS Attack Detection Displaying and Maintaining WLAN IDS Frame Filtering Overview Configuring WIDS-Frame Filtering Configuring Static White and Black Lists Configuring Dynamic Blacklist Feature Displaying and Maintaining WLAN IDS Frame Filtering WLAN IDS Frame Filtering Configuration Example WLAN QoS Configuration WLAN QoS Overview Terminology WMM Protocol Overview Protocols and Standards WMM Configuration Configuration Prerequisites Configuring WMM Displaying and Maintaining WMM WMM Configuration Examples WMM Basic Configuration CAC Service Configuration Example Troubleshooting EDCA Parameter Configuration Failure SVP or CAC Configuration Failure WDS Configuration Introduction to WDS Advantages of WDS ii

8 Deployment Scenarios WDS Configuration Task List Configuring WDS Port Security Configuring a Mesh Profile Configuring an MP Policy Mapping a Mesh Profile to the Radio of an MP Mapping an MP Policy to the Radio of an MP Specifying a Peer MAC Address on the Radio Displaying and Maintaining WDS WDS Configuration Examples WDS Point to Point Configuration Example WDS Point to Multi-Point Configuration Example WLAN Service Configuration WLAN Service Overview Terminology Wireless Client Access Overview WLAN Topologies Single BSS Multi-ESS Single ESS Multiple BSS (The multiple radio case) Protocols and Standards Configuring WLAN Service Configuring Global WLAN Parameters Specifying the Country Code Configuring a Service Template Configuring the Radio of an AP Configuring a Radio Interface Configuring n Configuring Uplink Detection Displaying and Maintaining WLAN Service Configuring WLAN Client Isolation Introduction Enabling WLAN Client Isolation WLAN Service Configuration Examples WLAN Service Configuration Example n Configuration Example Index iii

9 The models listed in this document are not applicable to all regions. Please consult your local sales office for the models applicable to your region. Read this chapter before using an H3C WA series WLAN access point. 1 Applicable Models and Software Versions H3C WA series WLAN access points include the WA2200 series and WA2600 series. Table 1-1 shows the applicable models and software versions. Table 1-1 Applicable models and software versions Series Model Software version WA2200 series WA2200 series access points (indoors) WA2200 series access points (outdoors) WA2210-AG WA2220-AG WA2210X-G WA2220X-AG R 1115 WA2600 series WA2600 series access points (indoors) WA2610-AGN WA2612-AGN WA2620-AGN R 1106 WA2600 series access points (enhanced) WA2610E-AGN WA2620E-AGN R

10 2 Feature Matrix Support of the H3C WA series WLAN access points for features, commands and parameters may vary by device model. See this document for more information. For information about feature support, see Table 2-1. For information about command and parameter support, see Table 3-1. The term AP in this document refers to common APs, wireless bridges, or mesh APs. Table 2-1 Feature matrix Document Feature WA2200 series WA2600 series Fundamentals Configuration Guide WLAN Configuration Guide Layer 2 LAN Switching Configuration Guide Layer 3 IP Services Configuration Guide IP Multicast Configuration Guide Security Configuration Guide HTTPS Not supported Supported n radio mode Not supported Supported n bandwidth mode Not supported Supported n rate configuration Not supported Supported Optical Ethernet interface Supported on WA2210X-G/WA2220X- AG only Not supported GE interface Not supported Supported DHCP server configuration Not supported Supported DHCPv6 configuration Not supported Supported IGMP snooping configuration Not supported Supported MLD snooping configuration Not supported Supported SSH2.0 Not supported Supported 2-1

11 3 Command/Parameter Matrix Table 3-1 Command/Parameter matrix Document Module Command/Parameter WA2200 series WA2600 series display ip https Not supported Supported Fundamentals Command Reference HTTP commands ip https acl Not supported Supported ip https certificate access-control-policy Not supported Supported ip https enable Not supported Supported a-mpdu enable Not supported Supported a-msdu enable Not supported Supported channel band-width Not supported Supported client dot11n-only Not supported Supported WLAN service commands preamble { long short } Only APs that support the b/g radio mode support this command. Only APs that support the b/g radio mode support this command. WLAN Command Reference radio-type Keywords dot11an and dot11gn not supported Supported short-gi enable Not supported Supported dot11a { disabled-rate mandatory-rate supported-rate } rate-value Only APs that support a radio mode support this command. Only APs that support a radio mode support this command. WLAN RRM commands dot11n mandatory maximum-mcs dot11n support maximum-mcs Not supported Not supported Supported Supported power-constraint power-constraint Only APs that support the a radio mode support this command. Only APs that support the a radio mode support this command. 3-1

12 Document Module Command/Parameter WA2200 series WA2600 series The maximum number of broadcast packets that can be forwarded on an Ethernet interface per second broadcast-suppression { ratio pps max-pps } pps max-pps ranges from 1 to pps max-pps ranges from 1 to Layer 2 LAN Switching Command Reference The maximum number of multicast packets allowed on an Ethernet interface per second multicast-suppression { ratio pps max-pps } pps max-pps ranges from 1 to pps max-pps ranges from 1 to The maximum number of unknown unicast packets allowed on an Ethernet interface per second unicast-suppression { ratio pps max-pps } pps max-pps ranges from 1 to pps max-pps ranges from 1 to DHCP commands DHCP server configuration commands Not supported Supported display ipv6 dhcp client [ interface interface-type interface-number ] Not supported Supported Layer 3 - IP Services Command Reference DHCPv6 commands display ipv6 dhcp client statistics [ interface interface-type interface-number ] Not supported Supported display ipv6 dhcp duid Not supported Supported reset ipv6 dhcp client statistics [ interface interface-type interface-number ] Not supported Supported 3-2

13 The models listed in this document are not applicable to all regions. Please consult your local sales office for the models applicable to your region. Support of the H3C WA series WLAN access points (APs) for features may vary by AP model. For more information, see Feature Matrix. The interface types and the number of interfaces vary by AP model. The term AP in this document refers to common APs, wireless bridges, or mesh APs. 4 WLAN Interface Configuration This chapter includes these sections: Overview WLAN-Radio Interface WLAN-BSS Interface WLAN Mesh Interface WLAN Mesh Link Interface Displaying and Maintaining a WLAN Interface Overview FAT APs support WLAN-Radio physical interfaces and WLAN-BSS virtual interfaces. WLAN-Radio interfaces can be bound to WLAN-BSS interfaces to provide wireless network access. WLAN-Radio Interface Introduction WLAN-Radio interfaces are physical interfaces and are used for providing wireless access service. They can be configured but cannot be removed. Configuring a WLAN-Radio Interface Follow these steps to configure a WLAN-Radio interface: To do Use the Command Remarks Enter system view system-view Enter WLAN-Radio interface view interface wlan-radio interface-number 4-1

14 To do Use the Command Remarks Set the description string for the interface Shut down the WLAN-Radio interface description text shutdown By default, the description string of an interface is interface-name + interface. By default, a WLAN-Radio interface is up. WLAN-BSS Interface Introduction WLAN-BSS interfaces are virtual Layer 2 interfaces. They operate like Layer 2 access Ethernet ports and have Layer 2 attributes. A WLAN-BSS interface supports multiple Layer 2 protocols. On a FAT AP, a WLAN-Radio interface bound to a WLAN-BSS interface operates as a Layer 2 interface. Configuring a WLAN-BSS Interface Follow these steps to configure a WLAN-BSS interface: To do Use the command Remarks Enter system view system-view Enter WLAN-BSS interface view Set the description string for the interface Add the WLAN-BSS interface to a VLAN Shut down the WLAN-BSS interface interface wlan-bss interface-number description text port access vlan vlan-id shutdown If the WLAN-BSS interface does not exist, this command creates the WLAN-BSS interface first. By default, the description string of an interface is interface-name + interface. By default, an interface belongs to VLAN 1 (the default VLAN). By default, a WLAN-BSS interface is up. Before executing the port access vlan command, make sure the VLAN identified by the vlan-id argument already exists. You can use the vlan command to create a VLAN. For more information about the port access vlan command, see VLAN in the Layer 2 LAN Switching Command Reference. 4-2

15 WLAN Mesh Interface Introduction WLAN mesh interfaces are Layer 2 virtual interfaces. You can use them as configuration templates to make and save settings for WLAN mesh link interfaces. Once a WLAN mesh link interface is created, you will not be allowed to change the settings on its associated WLAN mesh interface. Entering WLAN Mesh Interface View Follow these steps to enter WLAN mesh interface view: To do Use the command Remarks Enter system view system-view Enter WLAN mesh interface view interface wlan-mesh interface-number If the specified WLAN mesh interface does not exist, this command creates the WLAN mesh interface first. Configuring a WLAN Mesh Interface Follow these steps to configure a WLAN mesh interface. To do Use the command Remarks Configure the description of the WLAN mesh interface description Configure VLAN settings port link-type port access port trunk port hybrid WLAN Mesh Link Interface WLAN mesh link interfaces are similar to Layer 2 virtual Ethernet interfaces and have the features of Layer 2 interfaces. They are dynamically created or deleted by the WLAN module and are responsible for local data forwarding on the mesh network. WLAN mesh link interfaces use the settings you made on their corresponding WLAN mesh interfaces and are not configurable. Displaying and Maintaining a WLAN Interface To do Use the command Remarks Display WLAN-Radio interface information Display WLAN-BSS interface information Display WLAN mesh interface information display interface wlan-radio [ interface-number ] display interface wlan-bss [ interface-number ] display interface wlan-mesh [ interface-number ] Available in any view Available in any view Available in any view 4-3

16 The models listed in this document are not applicable to all regions. Please consult your local sales office for the models applicable to your region. Support of the H3C WA series WLAN access points (APs) for features may vary by AP model. For more information, see Feature Matrix. The interface types and the number of interfaces vary by AP model. The radio types supported by the H3C WA series WLAN access points vary by AP model. The term AP in this document refers to common APs, wireless bridges, or mesh APs. 5 WLAN Security Configuration This chapter includes these sections: WLAN Security Configuration Configuring WLAN Security WLAN Security Configuration Examples Supported Combinations for Ciphers WLAN Security Configuration Overview The wireless security capabilities incorporated in are inadequate for protecting networks containing sensitive information. It does a fairly good job of defending against the general public, but there are some good hackers lurking out there who can crack into a wireless networks. As a result, there is a need to implement advanced security mechanisms beyond the capability of if we want to protect against unauthorized access to resources on our network. Authentication Modes To ensure WLAN security, an AP must authenticate clients. A client can be associated with an AP only when it passes authentication. The following two authentication modes are supported. Open system authentication Open system authentication is the default authentication algorithm. This is the simplest of the available authentication algorithms. Essentially it is a null authentication algorithm. Any client that requests authentication with this algorithm can become authenticated. Open system authentication is not required to be successful because an AP may decline to authenticate the client. Open system authentication involves a two-step authentication process. At the first step, the wireless client sends a request for authentication. At the second step, the AP determines whether the wireless client passes the authentication and returns the result to the client. 5-1

17 Figure 5-1 Open system authentication process Client AP Authentication request Authentication response Shared key authentication The following figure shows a shared key authentication process. The two parties have the same shared key configured. 1) The client sends an authentication request to the AP. 2) The AP randomly generates a challenge and sends it to the client. 3) The client uses the shared key to encrypt the challenge and sends it to the AP. 4) The AP uses the shared key to encrypt the challenge and compares the result with that received from the client. If they are identical, the client passes the link authentication. If not, the link authentication fails. Figure 5-2 Shared key authentication process WLAN Data Security Compared with wired networks, WLAN networks are more susceptible to attacks because all WLAN devices share the same medium and thus every device can receive data from any other sending device. If no security service is provided, plain-text data is transmitted over the WLAN. To secure data transmission, protocols provide some encryption methods to ensure that devices without the right key cannot read encrypted data. 1) Simple text data No data packets are encrypted. It is in fact a WLAN service without any security protection. 2) WEP encryption 5-2

18 Wired Equivalent Privacy (WEP) was developed to protect data exchanged among authorized users in a wireless LAN from casual eavesdropping. WEP uses RC4 encryption for confidentiality. WEP encryption falls into static and dynamic encryption according to how a WEP key is generated. Static WEP encryption With Static WEP encryption, all clients using the same SSID must use the same encryption key. If the encryption key is deciphered or lost, attackers will get all encrypted data. In addition, periodical manual key update brings great management workload. Dynamic WEP encryption Dynamic WEP encryption is a great improvement over static WEP encryption. With dynamic WEP encryption, WEP keys are negotiated between client and server through the 802.1X protocol so that each client is assigned a different WEP key, which can be updated periodically to further improve unicast frame transmission security. Although WEP encryption increases the difficulty of network interception and session hijacking, it still has weaknesses due to limitations of RC4 encryption algorithm and static key configuration. 3) TKIP encryption Temporal key integrity Protocol (TKIP) and WEP both use the RC4 algorithm, but TKIP has many advantages over WEP, and provides more secure protection for WLAN as follows: First, TKIP provides longer IVs to enhance encryption security. Compared with WEP encryption, TKIP encryption uses 128 bit RC4 encryption algorithm, and increases the length of IVs from 24 bits to 48 bits. Second, TKIP allows for dynamic key negotiation to avoid static key configuration. TKIP replaces a single static key with a base key generated by an authentication server. TKIP dynamic keys cannot be easily deciphered. Third, TKIP offers Message Integrity Check (MIC) and countermeasures. If a packet fails the MIC, the data may be tampered, and the system may be attacked. If two packets fail the MIC in a certain period, the AP automatically takes countermeasures. It will not provide services in a certain period to prevent attacks. 4) CCMP encryption CTR with CBC-MAC protocol (CCMP) is based on the CCM of the AES encryption algorithm. CCM combines CTR for confidentiality and CBC-MAC for authentication and integrity. CCM protects the integrity of both the MPDU Data field and selected portions of the IEEE MPDU header. The AES block algorithm in CCMP uses a 128-bit key and a 128-bit block size. Similarly, CCMP contains a dynamic key negotiation and management method, so that each wireless client can dynamically negotiate a key suite, which can be updated periodically to further enhance the security of the CCMP encryption mechanism. During the encryption process, CCMP uses a 48-bit packet number (PN) to ensure that each encrypted packet uses a different PN, thus improving the security to a certain extent. Client Access Authentication After a wireless client sets up a wireless link with an AP, the wireless client is considered as having accessed the wireless network. However, for the security and management of the wireless network, the wireless client can access the network resources only after passing subsequent authentication. Among the authentication mechanisms, preshared key (PSK) authentication and 802.1X authentication accompany the dynamic key negotiation and management of the wireless link, and therefore, they are closely related to wireless link negotiation. However, they are not directly related to the wireless link. 5-3

19 1) PSK authentication Both WPA wireless access and WPA2 wireless access support PSK authentication. To implement PSK authentication, the client and the authenticator must have the same shared key configured. 2) 802.1X authentication As a port-based access control protocol, 802.1X authenticates and controls accessing devices at the port level. A device connected to an 802.1X-enabled port of a WLAN access control device can access the resources on the WLAN only after passing authentication. 3) MAC authentication MAC authentication provides a way for authenticating users based on ports and MAC addresses. For this authentication, the user does not need to install any client software. When the device first detects the MAC address of a user, it starts the authentication for the user. During the authentication process, the user does not need to manually input username or password. In WLAN applications, MAC authentication needs to get the MAC addresses of the clients in advance. Therefore, MAC authentication is applicable to small-scaled networks with relatively fixed users, for example, SOHO and small offices. Protocols and Standards IEEE Standard for Information technology Telecommunications and information exchange between systems Local and metropolitan area networks Specific requirements WI-FI Protected Access Enhanced Security Implementation Based On IEEE P802.11i Standard-Aug 2004 Information technology Telecommunications and information exchange between systems Local and metropolitan area networks Specific requirements , 1999 IEEE Standard for Local and metropolitan area networks Port-Based Network Access Control 802.1X Configuring WLAN Security To configure WLAN Security on a service template, map the service template to a radio. The SSID name, advertisement setting (beaconing), and encryption settings are configured in the service template. You can configure the SSID to support any combination of WPA, RSN, and non-wpa clients. Task Description Enabling an Authentication Method Configuring the PTK Lifetime Configuring the GTK Rekey Method Configuring Security IE Configuring Cipher Suit Configuring Port Security Enabling an Authentication Method You can enable both open system authentication and shared key authentication or either of them. 5-4

20 Follow these steps to enable the authentication method: To do Use the command Remarks Enter system view system-view Enter WLAN service template Enable an authentication method wlan service-template service-template-number crypto authentication-method { open-system shared-key } Open system authentication method is used by default. Shared key authentication is usable only when WEP encryption is adopted. In this case, you must configure the authentication-method shared-key command. For RSN and WPA, shared key authentication is not required and only open system authentication is required. Configuring the PTK Lifetime A pairwise transient key (PTK) is generated through a four-way handshake, during which, the pairwise master key, an AP random value (ANonce), a site random value (SNonce), the AP s MAC address and the client s MAC address are used. Follow these steps to configure the PTK lifetime: To do Use the command Remarks Enter system view system-view Enter WLAN service template Configure the PTK lifetime wlan service-template service-template-number crypto ptk-lifetime time By default, the PTK lifetime is second Configuring the GTK Rekey Method A fat AP generates a group transient key (GTK) and sends the GTK to a client during the authentication process between an AP and the client through the group key handshake or 4-way handshake. The client uses the GTK to decrypt broadcast and multicast packets. RSN negotiates the GTK through the 4-way handshake or group key handshake, while WPA negotiates the GTK only through group key handshake. Two GTK rekey methods can be configured: Time-based GTK rekey: After the specified interval elapses, GTK rekey occurs. Packet-based GTK rekey. After the specified number of packets is sent, GTK rekey occurs. You can also configure the device to start GTK rekey when a client goes offline, provided that GTK rekey has been enabled with the gtk-rekey enable command. Configure GTK rekey based on time Follow these steps to configure GTK Rekey based on time: 5-5

21 To do Use the command Remarks Enter system view system-view Enter WLAN service template view Enable GTK rekey Configure the GTK rekey interval Configure the device the start GTK rekey when a client goes offline wlan service-template service-template-number crypto gtk-rekey enable gtk-rekey method time-based time gtk-rekey client-offline enable By default, GTK rekey is enabled. By default, the interval is seconds. By default, GTK rekey is not started when a client goes offline. Configure GTK rekey based on packet Follow these steps to configure GTK rekey based on packet: To do Use the command Remarks Enter system view system-view Enter WLAN service template view Enable GTK rekey Configure GTK rekey based on packet Start GTK rekey when a client goes offline wlan service-template service-template-number crypto gtk-rekey enable gtk-rekey method packet-based [ packet ] gtk-rekey client-offline enable By default, GTK rekey is enabled. The default packet number is By default, GTK rekey is not started when a client goes offline. By default, time-based GTK rekey is adopted, and the rekey interval is seconds. Configuring a new GTK rekey method overwrites the previous one. For example, if time-based GTK rekey is configured after packet-based GTK rekey is configured, time-based GTK rekey takes effect. Configuring Security IE The security IE configuration includes WPA and RSN configuration. For WPA and RSN configuration, open system authentication is required. 5-6

22 Disable 802.1X online user handshake function before starting PTK and GTK negotiation. Configuring WPA security IE Wi-Fi Protected Access (WPA) ensures greater protection than WEP. WPA operates in either WPA-PSK (or called Personal) mode or WPA-802.1X (or called Enterprise) mode. In Personal mode, a pre-shared key or pass-phrase is used for authentication. In Enterprise mode, 802.1X and RADIUS servers and the Extensible Authentication Protocol (EAP) are used for authentication. Follow these steps to configure WPA security IE: To do Use the command Remarks Enter system view system-view Enter WLAN service template wlan service-template service-template-number crypto Enable the WPA security IE security-ie wpa Configuring RSN security IE An RSN is a security network that allows only the creation of robust security network associations (RSNAs). An RSN can be identified by the indication in the RSN Information Element (IE) of beacon frames. It provides greater protection than WEP and WPA. Follow these steps to configure the RSN security IE: To do Use the command Remarks Enter system view system-view Enter WLAN service template wlan service-template service-template-number crypto Enable the RSN security IE security-ie rsn Configuring Cipher Suit Cipher suite is used for data encapsulation and de-capsulation; it uses the following encryptions: WEP40/WEP104/WEP128 TKIP CCMP Configuring WEP 1) Configure static WEP encryption The WEP encryption mechanism requires that the authenticator and clients on a WLAN have the same key configured. WEP adopts the RC4 algorithm (a stream encryption algorithm), supporting WEP40, WEP104 and WEP128 keys. WEP can be used with either open system authentication mode or shared key authentication mode: 5-7

23 In open system authentication mode, a WEP key is used for encryption only. A client can go online without having the same key as the authenticator. But, if the receiver has a different key from the sender, it will discard the packets received from the sender. In shared key authentication mode, the WEP key is used for both encryption and authentication. If the key of a client is different from that of the authenticator, the client cannot go online. Follow these steps to configure static WEP encryption: To do Use the command Remarks Enter system view system-view Enter WLAN service template Enable the cipher suite Configure the WEP default keys wlan service-template service-template-number crypto cipher-suite { wep40 wep104 wep128 } wep default-key { } { wep40 wep104 wep128 } { pass-phrase raw-key } [ cipher simple ] key Not configured by default. Configure the WEP key ID wep key-id { } The default key ID is 1. 2) Configure dynamic WEP encryption Follow these steps to configure dynamic WEP encryption: To do Use the command Remarks Enter system view system-view Enter WLAN service template view Enable dynamic WEP encryption Enable the WEP cipher suite Configure the WEP default key wlan service-template service-template-number crypto wep mode dynamic cipher-suite { wep40 wep104 wep128 } wep default-key { } { wep40 wep104 wep128 } { pass-phrase raw-key } key By default, static WEP encryption is adopted. Dynamic WEP encryption must be used together with 802.1X authentication. With dynamic WEP encryption configured, the device automatically uses the WEP 104 cipher suite. To change the encryption method, use the cipher-suite command. No WEP default key is configured by default. If the WEP default key is configured, the WEP default key is used to encrypt multicast frames. If not, the device randomly generates a multicast WEP key. Specify a key index number wep key-id { } By default, the key index number is 1. For dynamic WEP encryption, the WEP key ID cannot be configured as

24 Configuring TKIP Follow these steps to configure TKIP: To do Use the command Remarks Enter system view system-view Enter WLAN service template wlan service-template service-template-number crypto Enable the TKIP cipher suite cipher-suite tkip Set TKIP counter measure time tkip-cm-time time By default, the counter measure time value is 60 seconds. Message integrity check (MIC) is used to prevent attackers from data modification. It ensures data security by using the Michael algorithm. When a fault occurs to the MIC, the device will consider that the data has been modified and the system is being attacked. Upon detecting the attack, TKIP will suspend within the countermeasure interval, that is, no TKIP associations can be established within the interval. Configuring CCMP CCMP is the most secure data protection mechanism supported by WLAN. It adopts the AES encryption algorithm. Follow these steps to configure CCMP: To do Use the command Remarks Enter system view system-view Enter WLAN service template wlan service-template service-template-number crypto Enable the CCMP cipher suite cipher-suite ccmp Configuring Port Security Port security configuration includes authentication type configuration and the AAA server configuration. The authentication type configuration includes the following options: PSK 802.1X MAC PSK and MAC Before configuring port security, you must: Create the WLAN-BSS interface Enable port security globally Configure PSK authentication Follow these steps to configure PSK authentication: 5-9

25 To do Use the command Remarks Enter system view system-view Enter WLAN-BSS interface view Enable 11key negotiation Configure the key interface wlan-bss interface-number port-security tx-key-type 11key port-security preshared-key { pass-phrase raw-key } key Not enabled by default. Not configured by default. Enable the PSK port security mode port-security port-mode psk Configure 802.1X authentication Follow these steps to configure 802.1X authentication: To do Use the command Remarks Enter system view. system-view Enter WLAN-BSS interface view Enable 11key negotiation Enable the 802.1X port security mode. interface wlan-bss interface-number port-security tx-key-type 11key port-security port-mode userlogin-secure-ext Not enabled by default. Configure MAC authentication Follow these steps to configure MAC authentication: To do Use the command Remarks Enter system view system-view Enter WLAN-BSS interface view interface wlan-bss interface-number Enable MAC port security mode port-security port-mode mac-authentication i does not support MAC authentication. Configure PSK and MAC authentication Follow these steps to configure PSK and MAC authentication: To do Use the command Remarks Enter system view system-view Enter WLAN interface view interface wlan-bss interface-number 5-10

26 To do Use the command Remarks Enable 11key negotiation Enable the PSK and MAC port security mode. Configure the pre-shared key port-security tx-key-type 11key port-security port-mode mac-and-psk port-security preshared-key { pass-phrase raw-key } key Not enabled by default. The key is a string of 8 to 63 characters, or a 64-digit hex number. For more information about port security configuration commands, see Port Security in the Security Configuration Guide. Displaying and Maintaining WLAN Security To do Use the command Remarks Display WLAN service template information Display MAC authentication information Display the MAC address information of port security Display the PSK user information of port security Display the configuration information, running state and statistics of port security Display 802.1X session information or statistics display wlan service-template [ service-template-number ] display mac-authentication [ interface interface-list ] display port-security mac-address security [ interface interface-type interface-number ] [ vlan vlan-id ] [ count ] display port-security preshared-key user [ interface interface-type interface-number ] display port-security [ interface interface-list ] display dot1x [ sessions statistics ] [ interface interface-list ] Available in any view For more information about related display commands, see Port Security, 802.1X, and MAC Authentication in the Security Command Reference. 5-11

27 WLAN Security Configuration Examples PSK Authentication Configuration Example Network requirements As shown in Figure 5-3, the AP is connected to the Switch. The PSK key configured on the client side is The same PSK key is configured on the AP. It is required to perform PSK authentication on the client. Figure 5-3 Network diagram for PSK authentication configuration LAN Segment Configuration procedure 1) Configure the AP # Enable port security. <AP> system-view [AP] port-security enable # Configure the authentication mode as psk, and the pre-shared key as , and specify the key type as key. [AP] interface wlan-bss 1 [AP-WLAN-BSS1] port-security port-mode psk [AP-WLAN-BSS1] port-security preshared-key pass-phrase simple [AP-WLAN-BSS1] port-security tx-key-type 11key [AP-WLAN-BSS1] quit # Create crypto-type service template 1, and configure its SSID as psktest.. [AP] wlan service-template 1 crypto [AP-wlan-st-1] ssid psktest # Enable the RSN information element in the beacon and probe response frames, and enable the CCMP cipher suite. [AP-wlan-st-1] security-ie rsn [AP-wlan-st-1] cipher-suite ccmp # Specify the open-system authentication mode, and enable the service template. [AP-wlan-st-1] authentication-method open-system [AP-wlan-st-1] service-template enable # Bind the WLAN-BSS interface to the service template on the radio interface. [AP] interface wlan-radio1/0/2 [AP-WLAN-Radio1/0/2] radio-type dot11g [AP-WLAN-Radio1/0/2] service-template 1 interface wlan-bss 1 2) Verify the configuration Configure the same PSK on the client. After that, the client can associate with the AP and access the WLAN. 5-12

28 You can use the display wlan client and display port-security preshared-key user commands to view the online clients. MAC-and-PSK Authentication Configuration Example Network Requirements As shown in Figure 5-4, a fat AP is connected to a RADIUS server through a Layer 2 switch, and they are in the same network. It is required to perform MAC-and-PSK authentication on the client. After passing the authentication, the client uses the pre-configured pre-shared key to negotiate with the AP, and access the WLAN after a successful negotiation. Figure 5-4 Network diagram for MAC-and-PSK authentication configuration Configuration procedure 1) Configure the fat AP # Enable port security. <AP> system-view [AP] port-security enable # Configure the authentication mode as mac-and-psk, and the pre-shared key as , and specify the key type as key. [AP] interface wlan-bss 1 [AP-WLAN-BSS1] port-security port-mode mac-and-psk [AP-WLAN-BSS1] port-security preshared-key pass-phrase simple [AP-WLAN-BSS1] port-security tx-key-type 11key [AP-WLAN-BSS1] quit # Create a crypto-type service template, and configure its SSID as mactest. [AP] wlan service-template 1 crypto [AP-wlan-st-1] ssid mactest # Enable the RSN information element in the beacon and probe response frames, and enable the CCMP cipher suite. [AP-wlan-st-1] security-ie rsn [AP-wlan-st-1] cipher-suite ccmp # Specify the open-system authentication mode, and enable the service template. [AP-wlan-st-1] authentication-method open-system [AP-wlan-st-1] service-template enable # Configure a RADIUS scheme named rad. Configure the IP addresses of both the primary authentication and authorization servers as , the shared key of the authentication, 5-13

29 authorization, and accounting servers as , specify the extended RADIUS server type, and configure the scheme to exclude the ISP domain name from the usernames sent to the RADIUS server. [AP] radius scheme rad [AP-radius-rad] primary authentication [AP-radius-rad] primary accounting [AP-radius-rad] key authentication [AP-radius-rad] key accounting [AP-radius-rad] server-type extended [AP-radius-rad] user-name-format without-domain [AP-radius-rad] quit # Configure AAA domain cams by referencing RADIUS authentication/authorization/accounting scheme rad. [AP] domain cams [AP-isp-cams] authentication lan-access radius-scheme rad [AP-isp-cams] authorization lan-access radius-scheme rad [AP-isp-cams] accounting lan-access radius-scheme rad [AP-isp-cams] quit # Configure the MAC authentication domain cams. [AP] mac-authentication domain cams # Configure MAC authentication user name format, using MAC addresses without hyphen as username and password (consistent with the format on the server). [AP] mac-authentication user-name-format mac-address without-hyphen # Bind the WLAN-BSS interface with the service template. [AP] interface wlan-radio1/0/2 [AP-WLAN-Radio1/0/2] radio-type dot11g [AP-WLAN-Radio1/0/2] service-template 1 interface wlan-bss 1 2) Configure the RADIUS server (imc) The following takes the imc (the imc versions are imc PLAT 3.20-R2602 and imc UAM 3.60-E6102) as an example to illustrate the basic configurations of the RADIUS server. # Add access device. Log in to the imc management platform. Select the Service tab, and then select Access Service > Access Device from the navigation tree to enter the access device configuration page. Click Add on the page to enter the configuration page shown in Figure 5-5: Add for Shared Key. Add ports 1812, and 1813 for Authentication Port and Accounting Port respectively. Select LAN Access Service for Service Type. Select H3C for Access Device Type. Select or manually add an access device with the IP address

30 Figure 5-5 Add access device # Add service. Select the Service tab, and then select Access Service > Access Device from the navigation tree to enter the add service page. Then click Add on the page to enter the following configuration page. Set the service name to mac, and the others keep the default values. Figure 5-6 Add service # Add account. Select the User tab, and then select User > All Access Users from the navigation tree to enter the user page. Then, click Add on the page to enter the page shown in Figure 5-7. Enter a username. 5-15

31 Add an account and password 00146c8a43ff. Select the service mac. Figure 5-7 Add account 3) Verify the configuration After the client passes the MAC-and-PSK authentication, the client can associate with the AP and access the WLAN. You can use the display wlan client command, display connection command and display mac-authentication command to view the online clients X Authentication Configuration Example Network requirements As shown in Figure 5-8, an AC with IP address , an AP and a RADIUS server with IP address are connected through a Layer 2 switch. It is required to perform 802.1X authentication on the client. Figure X authentication configuration Configuration procedure 1) Configure the fat AP # Enable port security, and set the authentication method of the 802.1X user to eap. <AP> system-view [AP] port-security enable 5-16

32 [AP] dot1x authentication-method eap # Configure a RADIUS scheme name rad. Configure the IP addresses of both the primary authentication and authorization servers as , the shared key of the authentication, authorization, and accounting servers as , and configure the scheme to exclude the ISP domain name from the usernames sent to the RADIUS server. [AP] radius scheme rad [AP-radius-rad] primary authentication [AP-radius-rad] primary accounting [AP-radius-rad] key authentication [AP-radius-rad] key accounting [AP-radius-rad] user-name-format without-domain [AP-radius-rad] quit # Configure AAA domain cams by referencing RADIUS authentication/authorization/accounting scheme rad. [AP] domain cams [AP-isp-cams] authentication lan-access radius-scheme rad [AP-isp-cams] authorization lan-access radius-scheme rad [AP-isp-cams] accounting lan-access radius-scheme rad [AP-isp-cams] quit # Configure cams as the default ISP domain. [AP] domain default enable cams # Configure port security on interface WLAN-BSS 1: specify the port mode as userlogin-secure-ext, and the key type as key. [AP] interface wlan-bss 1 [AP-WLAN-BSS1] port-security port-mode userlogin-secure-ext [AP-WLAN-BSS1] port-security tx-key-type 11key # Disable the multicast trigger function and the online user handshake function. [AP-WLAN-BSS1] undo dot1x multicast-trigger [AP-WLAN-BSS1] undo dot1x handshake [AP-WLAN-BSS1] quit # Create a crypto-type WLAN service template, configure its SSID as dot1xtest. [AP] wlan service-template 1 crypto [AP-wlan-st-1] ssid dot1xtest # Enable the RSN information element in the beacon and probe response frames, and enable the CCMP cipher suite. [AP-wlan-st-1] security-ie rsn [AP-wlan-st-1] cipher-suite ccmp # Specify the open-system authentication mode, and enable the WLAN service template. [AP-wlan-st-1] authentication-method open-system [AP-wlan-st-1] security-ie rsn [AP-wlan-st-1] service-template enable [AP-wlan-st-1] quit # Configure the radio type as g for radio interface WLAN-Radio 1/0/2, and bind service template 1 to interface WLAN-BSS1 on the radio interface. [AP] interface wlan-radio1/0/2 [AP-WLAN-Radio1/0/2] radio-type dot11g [AP-WLAN-Radio1/0/2] service-template 1 interface wlan-bss

33 2) Configure the RADIUS server (imc) The following takes the imc (the imc versions are imc PLAT 3.20-R2602 and imc UAM 3.60-E6102) as an example to illustrate the basic configurations of the RADIUS server. # Add access device. Log in to the imc management platform. Select the Service tab, and then select Access Service > Access Device from the navigation tree to enter the access device configuration page. Click Add on the page to enter the configuration page shown in Figure 5-9: Add for Shared Key. Add ports 1812, and 1813 for Authentication Port and Accounting Port respectively. Select LAN Access Service for Service Type. Select H3C for Access Device Type. Select or manually add an access device with the IP address Figure 5-9 Add access device # Add service. Select the Service tab, and then select Access Service > Service Configuration from the navigation tree to enter the add service page. Then click Add on the page to enter the configuration page shown in Figure Set the service name to dot1x. Select EAP-PEAP AuthN from the Certificate Type drop-down list, and MS-CHAPV2 AuthN from the Certificate Sub-Type drop-down list. 5-18

34 Figure 5-10 Add service # Add account. Select the User tab, and then select Users > All Access Users from the navigation tree to enter the user page. Then, click Add on the page to enter the page shown in Figure Enter a username. Add an account user and password dot1x. Select the dot1x option. Figure 5-11 Add account 3) Configure the wireless card 5-19

35 Double click the icon at the bottom right corner of your desktop. The Wireless Network Connection Status window appears. Click the Properties button in the General tab. The Wireless Network Connection Properties window appears. In the Wireless Networks tab, select wireless network with the SSID dot1x, and then click Properties. The dot1x Properties window appears. Then, in the Authentication tab, select Protected EAP (PEAP) from the EAP type drop-down list, and click Properties. In the popup window, clear Validate server certificate, and click Configure. In the popup dialog box, clear Automatically use my Windows logon name and password (and domain if any). The configuration procedure is as shown in Figure 5-12 through Figure

36 Figure 5-12 Configure the wireless card (I) 5-21

37 Figure 5-13 Configure the wireless card (II) 5-22

38 Figure 5-14 Configure the wireless card (III) 4) Verify the configuration. The client can pass 802.1X authentication and associate with the AP. You can use the display wlan client command, display connection command and display dot1x command to view the online clients. Dynamic WEP Encryption-802.1X Authentication Configuration Example Network requirements As shown in Figure 5-15, a fat AP with IP address and a RADIUS server with IP address are connected through a Layer 2 switch. It is required to perform dynamic WEP encryption. 5-23

Layer 3 - IP Routing Command Reference

Layer 3 - IP Routing Command Reference H3C WA Series WLAN Access Points Layer 3 - IP Routing Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Document Version: 6W100-20100910 Copyright 2010, Hangzhou H3C Technologies

More information

H3C WX Series Access Controllers

H3C WX Series Access Controllers H3C WX Series Access Controllers WLAN Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: WX3000-CMW520-R3308 (WX3024E) WX5004-CMW520-R2308 (WX5000 series) WX6103-CMW520-R2308

More information

H3C S5830V2 & S5820V2 Switch Series

H3C S5830V2 & S5820V2 Switch Series H3C S5830V2 & S5820V2 Switch Series Security Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release2108 Document version: 6W101-20120531 Copyright 2012, Hangzhou

More information

H3C S12500 Series Routing Switches

H3C S12500 Series Routing Switches H3C S12500 Series Routing Switches Security Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: S12500-CMW710-R7128 Document version: 6W710-20121130 Copyright 2012,

More information

H3C S5120-SI Switch Series

H3C S5120-SI Switch Series H3C S5120-SI Switch Series Layer 3 - IP Routing Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1505 Document version: 6W101-20111108 Copyright 2011,

More information

H3C S5120-EI Switch Series

H3C S5120-EI Switch Series H3C S5120-EI Switch Series Layer 3 - IP Services Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 2210 Document version: 6W100-20110915 Copyright 2011,

More information

H3C SecBlade SSL VPN Card

H3C SecBlade SSL VPN Card H3C SecBlade SSL VPN Card Super Administrator Web Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Document version: 5PW105-20130801 Copyright 2003-2013, Hangzhou H3C Technologies

More information

H3C S10500 Switch Series

H3C S10500 Switch Series H3C S10500 Switch Series MPLS Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1126 and Later Document version: 20111130-C-1.01 Copyright 2011, Hangzhou

More information

H3C WX Series Access Controllers. WLAN Command Reference. Hangzhou H3C Technologies Co., Ltd. Document Version: 6W

H3C WX Series Access Controllers. WLAN Command Reference. Hangzhou H3C Technologies Co., Ltd.  Document Version: 6W H3C WX Series Access Controllers WLAN Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Document Version: 6W105-20101124 Copyright 2008-2010, Hangzhou H3C Technologies Co., Ltd.

More information

H3C SecPath Series High-End Firewalls

H3C SecPath Series High-End Firewalls H3C SecPath Series High-End Firewalls Attack Protection Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: SECPATHF1000SAI&F1000AEI&F1000ESI-CMW520-R3721 SECPATH5000FA-CMW520-F3210

More information

H3C S5120-SI Series Ethernet Switches Security Configuration Guide

H3C S5120-SI Series Ethernet Switches Security Configuration Guide H3C S5120-SI Series Ethernet Switches Security Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Copyright 2003-2010, Hangzhou H3C Technologies Co., Ltd. and its licensors All

More information

H3C S5120-EI Series Ethernet Switches. ACL and QoS. Configuration Guide. Hangzhou H3C Technologies Co., Ltd.

H3C S5120-EI Series Ethernet Switches. ACL and QoS. Configuration Guide. Hangzhou H3C Technologies Co., Ltd. H3C S5120-EI Series Ethernet Switches ACL and QoS Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Document Version: 6W102-20100722 Product Version: Release 2202 Copyright 2009-2010,

More information

Securing a Wireless LAN

Securing a Wireless LAN Securing a Wireless LAN This module describes how to apply strong wireless security mechanisms on a Cisco 800, 1800, 2800, or 3800 series integrated services router, hereafter referred to as an access

More information

HP Unified Wired-WLAN Products

HP Unified Wired-WLAN Products HP Unified Wired-WLAN Products WLAN Configuration Guide HP 830 Unified Wired-WLAN PoE+ Switch Series HP 850 Unified Wired-WLAN Appliance HP 870 Unified Wired-WLAN Appliance HP 11900/10500/7500 20G Unified

More information

H3C S10500 Switch Series

H3C S10500 Switch Series H3C S10500 Switch Series MPLS Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1201 and Later Document version: 6W101-20120903 Copyright 2012, Hangzhou

More information

Chapter 17. Wireless Network Security

Chapter 17. Wireless Network Security Chapter 17 Wireless Network Security IEEE 802.11 IEEE 802 committee for LAN standards IEEE 802.11 formed in 1990 s, to develop a protocol & transmission specifications for wireless LANs (WLANs) Demand

More information

About the Configuration Guides for HP Unified

About the Configuration Guides for HP Unified About the Configuration Guides for HP Unified Wired-W Products HP 830 Unified Wired-W PoE+ Switch Series HP 850 Unified Wired-W Appliance HP 870 Unified Wired-W Appliance HP 11900/10500/7500 20G Unified

More information

H3C S5820X&S5800 Switch Series

H3C S5820X&S5800 Switch Series H3C S5820X&S5800 Switch Series OAA Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1211 Document version: 6W100-20110415 Copyright 2011, Hangzhou H3C

More information

H3C WA Series WLAN Access Points. Getting Started Guide. Hangzhou H3C Technologies Co., Ltd. Document Version:6W

H3C WA Series WLAN Access Points. Getting Started Guide. Hangzhou H3C Technologies Co., Ltd.  Document Version:6W H3C WA Series WLAN Access Points Getting Started Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Document Version:6W100-20100910 Copyright 2010, Hangzhou H3C Technologies Co., Ltd. and its

More information

HPE IMC BYOD WLAN 802.1X Authentication and Security Check Using inode Configuration Examples

HPE IMC BYOD WLAN 802.1X Authentication and Security Check Using inode Configuration Examples HPE IMC BYOD WLAN 802.1X Authentication and Security Check Using inode Configuration Examples Part Number: 5200-1385 Software version: IMC UAM 7.2 (E0403) Document version: 2 The information in this document

More information

H3C S10500 Switch Series

H3C S10500 Switch Series H3C S10500 Switch Series ACL and QoS Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1126 and Later Document version: 20111130-C-1.01 Copyright 2011,

More information

Configuring a WLAN for Static WEP

Configuring a WLAN for Static WEP Restrictions for Configuring Static WEP, page 1 Information About WLAN for Static WEP, page 1 Configuring WPA1+WPA2, page 3 Restrictions for Configuring Static WEP The OEAP 600 series does not support

More information

H3C S9800 Switch Series

H3C S9800 Switch Series H3C S9800 Switch Series IP Multicast Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 213x Document version: 6W101-20151130 Copyright 2015, Hangzhou

More information

Procedure: You can find the problem sheet on the Desktop of the lab PCs.

Procedure: You can find the problem sheet on the Desktop of the lab PCs. University of Jordan Faculty of Engineering & Technology Computer Engineering Department Computer Advance Networks Laboratory 907529 Lab.3 WLAN Security Objectives 1. Configure administrator accounts.

More information

Wireless Network Security

Wireless Network Security Wireless Network Security Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/

More information

H3C S5120-SI Switch Series

H3C S5120-SI Switch Series H3C S5120-SI Switch Series ACL and QoS Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1513 Document version: 6W100-20130425 Copyright 2013, Hangzhou

More information

Configuring WLAN Security

Configuring WLAN Security Finding Feature Information, page 1 Prerequisites for Layer 2 Security, page 1 Information About AAA Override, page 2 How to Configure WLAN Security, page 3 Additional References, page 11 Feature Information

More information

3Com Wireless LAN Mobility System Configuration and Deployment Guide

3Com Wireless LAN Mobility System Configuration and Deployment Guide 3Com Wireless LAN Mobility System Configuration and Deployment Guide SpectraLink's Voice Interoperability for Enterprise Wireless (VIEW) Certification Program is designed to ensure interoperability and

More information

WPA-GPG: Wireless authentication using GPG Key

WPA-GPG: Wireless authentication using GPG Key Università degli Studi di Bologna DEIS WPA-GPG: Wireless authentication using GPG Key Gabriele Monti December 9, 2009 DEIS Technical Report no. DEIS-LIA-007-09 LIA Series no. 97 WPA-GPG: Wireless authentication

More information

FAQ on Cisco Aironet Wireless Security

FAQ on Cisco Aironet Wireless Security FAQ on Cisco Aironet Wireless Security Document ID: 68583 Contents Introduction General FAQ Troubleshooting and Design FAQ Related Information Introduction This document provides information on the most

More information

MSM320, MSM410, MSM422, MSM430,

MSM320, MSM410, MSM422, MSM430, Polycom VIEW Certified Configuration Guide Hewlett-Packard MSM710/720/760/765 Wireless LAN Controller With MSM310, MSM320, MSM410, MSM422, MSM430, MSM46x APs September 2012 1725-36068-001 Rev H Trademarks

More information

DG-WM5307IAC. Dual Band Indoor Wireless Access Point with Built in Antenna DG-WM5307IAC

DG-WM5307IAC. Dual Band Indoor Wireless Access Point with Built in Antenna DG-WM5307IAC Dual Band Indoor Wireless Access Point with Built in Antenna DIGISOL is a new-generation 802.11n + 802.11ac-based high-performance gigabit wireless access point (AP) for industrial users. operates concurrently

More information

IP network that supports DHCP or manual assignment of IP address, gateway, and subnet mask

IP network that supports DHCP or manual assignment of IP address, gateway, and subnet mask Network Requirements, page 1 Wireless LAN, page 2 Wi-Fi Network Components, page 3 802.11 Standards for WLAN Communications, page 6 Security for Communications in WLANs, page 9 WLANs and Roaming, page

More information

Open System - No/Null authentication, anyone is able to join. Performed as a two way handshake.

Open System - No/Null authentication, anyone is able to join. Performed as a two way handshake. Five components of WLAN Security 1. Data Privacy 1. Privacy is important because transmission occurs over the air in freely licensed bands. The Data can be sniffed by anyone within range. 2. Eavesdropping

More information

Wireless Access Point

Wireless Access Point 802.11g / 802.11b / WPA Wireless Access Point User's Guide TABLE OF CONTENTS CHAPTER 1 INTRODUCTION... 1 Features of your Wireless Access Point... 1 Package Contents... 4 Physical Details... 4 CHAPTER

More information

HP 5120 SI Switch Series

HP 5120 SI Switch Series HP 5120 SI Switch Series Layer 2 - LAN Switching Configuration Guide Part number: 5998-1807 Software version: Release 1513 Document version: 6W100-20130830 Legal and notice information Copyright 2013 Hewlett-Packard

More information

H3C SecPath Series Security Products

H3C SecPath Series Security Products Web-Based Configuration Manual Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Manual Version: T2-08018U-20070625-C-2.01 Copyright 2007, Hangzhou H3C Technologies Co., Ltd. and its licensors All

More information

Configuring the Client Adapter

Configuring the Client Adapter CHAPTER 5 This chapter explains how to configure profile parameters. The following topics are covered in this chapter: Overview, page 5-2 Setting General Parameters, page 5-3 Setting Advanced Parameters,

More information

Configuring WLANs CHAPTER

Configuring WLANs CHAPTER CHAPTER 6 This chapter describes how to configure up to 16 wireless LANs for your Cisco Wireless LAN Solution. This chapter contains these sections: Wireless LAN Overview, page 6-2 Configuring Wireless

More information

CSNT 180 Wireless Networking. Chapter 7 WLAN Terminology and Technology

CSNT 180 Wireless Networking. Chapter 7 WLAN Terminology and Technology CSNT 180 Wireless Networking Chapter 7 WLAN Terminology and Technology Norman McEntire norman.mcentire@servin.com Founder, Servin Corporation, http://servin.com Technology Training for Technology Professionals

More information

Troubleshooting WLANs (Part 2)

Troubleshooting WLANs (Part 2) SharkFest 17 Europe Troubleshooting WLANs (Part 2) Troubleshooting WLANs using 802.11 Management & Control Frames 8. November 2017 Breaking News: Including KRACK!!! Rolf Leutert Leutert NetServices Switzerland

More information

Cisco Wireless LAN Controller Module

Cisco Wireless LAN Controller Module Cisco Wireless LAN Controller Modules Simple and secure wireless deployment and management for small and medium-sized businesses (SMBs) and enterprise branch offices Product Overview Cisco Wireless LAN

More information

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder. Outline 18-759: Wireless Networks Lecture 10: 802.11 Management Peter Steenkiste Departments of Computer Science and Electrical and Computer Engineering Spring Semester 2016 http://www.cs.cmu.edu/~prs/wirelesss16/

More information

accounting (SSID configuration mode) through encryption mode wep accounting (SSID configuration mode) through

accounting (SSID configuration mode) through encryption mode wep accounting (SSID configuration mode) through accounting (SSID configuration mode) through encryption mode wep accounting (SSID configuration mode) through encryption mode wep 1 accounting (SSID configuration) accounting (SSID configuration mode)

More information

Wireless Networked Systems

Wireless Networked Systems Wireless Networked Systems CS 795/895 - Spring 2013 Lec #5: Medium Access Control High Throughput, Security Tamer Nadeem Dept. of Computer Science High Throughput Networks (802.11n) Slides adapted from

More information

VIEW Certified Configuration Guide. Trapeze Networks. Mobility System for MP-422 Access Points. June 2008 Edition Version D

VIEW Certified Configuration Guide. Trapeze Networks. Mobility System for MP-422 Access Points. June 2008 Edition Version D VIEW Certified Configuration Guide Trapeze Networks Mobility System for MP-422 Access Points June 2008 Edition 1725-36060-001 Version D Configuration Guide Trademark Information Polycom and the logo designs

More information

VIEW Configuration Guide. Cisco. 1131, 1232 and 1242 Autonomous APs. June 2010 Edition Version D

VIEW Configuration Guide. Cisco. 1131, 1232 and 1242 Autonomous APs. June 2010 Edition Version D VIEW Configuration Guide Cisco 1131, 1232 and 1242 Autonomous APs June 2010 Edition 1725-36193-001 Version D Configuration Guide Patent Information The accompanying product is protected by one or more

More information

Securing Your Wireless LAN

Securing Your Wireless LAN Securing Your Wireless LAN Pejman Roshan Product Manager Cisco Aironet Wireless Networking Session Number 1 Agenda Requirements for secure wireless LANs Overview of 802.1X and TKIP Determining which EAP

More information

Enterprise WLAN Solution V100R001C00. Deployment Guide. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.

Enterprise WLAN Solution V100R001C00. Deployment Guide. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD. V100R001C00 Issue 01 Date 2011-08-29 HUAWEI TECHNOLOGIES CO., LTD. . 2011. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written

More information

Table of Contents. Chapter 1 Product Overview Features Package Contents LED Indicator and Panel Description...

Table of Contents. Chapter 1 Product Overview Features Package Contents LED Indicator and Panel Description... Copyright Statement is the registered trademark of Monoprice. All the products and product names mentioned herein are the trademarks or registered trademarks of their respective holders. Copyright of the

More information

HP 10500/ G Unified Wired-WLAN Module

HP 10500/ G Unified Wired-WLAN Module HP 10500/7500 20G Unified Wired-WLAN Module Fundamentals Configuration Guide Part number: 5998-3914 Software version: 2308P29 (HP 10500/7500 20G Unified Wired-WLAN Module) Document version: 6W102-20131112

More information

Appendix E Wireless Networking Basics

Appendix E Wireless Networking Basics Appendix E Wireless Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The FWG114P v2 Wireless Firewall/Print Server conforms to the Institute of Electrical

More information

Configuring a Wireless LAN Connection

Configuring a Wireless LAN Connection CHAPTER 9 The Cisco Secure Router 520 Series routers support a secure, affordable, and easy-to-use wireless LAN solution that combines mobility and flexibility with the enterprise-class features required

More information

Enterprise Data Communication Products. Feature Description - WLAN. Issue 02 Date HUAWEI TECHNOLOGIES CO., LTD.

Enterprise Data Communication Products. Feature Description - WLAN. Issue 02 Date HUAWEI TECHNOLOGIES CO., LTD. Issue 02 Date 2013-05-15 HUAWEI TECHNOLOGIES CO., LTD. 2013. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of

More information

Configuring Cipher Suites and WEP

Configuring Cipher Suites and WEP 10 CHAPTER This chapter describes how to configure the cipher suites required to use WPA authenticated key management, Wired Equivalent Privacy (WEP), Temporal Key Integrity Protocol (TKIP), and broadcast

More information

Wireless Networking based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

Wireless Networking based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Wireless Networking 802.11 based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers topics Standards Technical Concepts Implementation Troubleshooting 802.11 timeline source: Anandtech

More information

ENH900EXT N Dual Radio Concurrent AP. 2.4GHz/5GHz 900Mbps a/b/g/n Flexible Application

ENH900EXT N Dual Radio Concurrent AP. 2.4GHz/5GHz 900Mbps a/b/g/n Flexible Application ENH900EXT equips with two powerful independent RF interfaces which support 802.11a/n (3T3R) and 802.11b/g/n (3T3R). With certified IP-67 protection, it is designed to deliver high reliability under harsh

More information

U S E R M A N U A L b/g PC CARD

U S E R M A N U A L b/g PC CARD U S E R M A N U A L 802.11b/g PC CARD Table of Content CHAPTER 1 INTRODUCTION... 1 1.1 WIRELESS LAN FEATURE FUNCTIONS... 1 1.2 REGULATORY NOTICE... 1 1.2.1 FCC Class B Statement...1 1.2.2 Canadian Regulatory

More information

11N Wall Mount Access Point / WDS AP / Universal Repeater. Features. Fully compatible with IEEE b/g/n devices

11N Wall Mount Access Point / WDS AP / Universal Repeater. Features. Fully compatible with IEEE b/g/n devices EAP9550-KZ is a powerful and multi-functioned 11n Indoor Access Point and it can act three modes AP/WDS/Universal Repeater. Smoke detector appearance will minimize visibility. So this model can work properly

More information

Configuring WEP and WEP Features

Configuring WEP and WEP Features CHAPTER 9 This chapter describes how to configure Wired Equivalent Privacy (WEP), Message Integrity Check (MIC), and Temporal Key Integrity Protocol (TKIP). This chapter contains these sections: Understanding

More information

H3C S7500E Series Ethernet Switches

H3C S7500E Series Ethernet Switches Installation Manual Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Manual Version: T2-080406-20080725-C-1.04 Copyright 2007-2008, Hangzhou H3C Technologies Co., Ltd. All Rights Reserved No part

More information

Wireless Access Point

Wireless Access Point 802.11g / 802.11b / WPA Wireless Access Point User Guide TABLE OF CONTENTS CHAPTER 1 INTRODUCTION... 1 Features of your Wireless Access Point... 1 Package Contents... 4 Physical Details... 4 CHAPTER 2

More information

ECHONET Lite SPECIFICATION. ECHONET Lite System Design Guidelines 2011 (2012) ECHONET CONSORTIUM ALL RIGHTS RESERVED

ECHONET Lite SPECIFICATION. ECHONET Lite System Design Guidelines 2011 (2012) ECHONET CONSORTIUM ALL RIGHTS RESERVED Part V ECHONET Lite System Design Guidelines i 2011 (2012) ALL RIGHTS RESERVED The specifications published by the ECHONET Consortium are established without regard to industrial property rights (e.g.,

More information

Quidway S2700 Series Enterprise Switches

Quidway S2700 Series Enterprise Switches Quidway S2700 Series Enterprise Switches Quidway S2700 Series Enterprise Switches Product Overview The Quidway S2700 enterprise switches (S2700 for short) are next-generation energy-saving 100M Ethernet

More information

Configuring OfficeExtend Access Points

Configuring OfficeExtend Access Points Information About OfficeExtend Access Points, page 1 OEAP 600 Series Access Points, page 2 OEAP in Local Mode, page 3 Supported WLAN Settings for 600 Series OfficeExtend Access Point, page 3 WLAN Security

More information

HP Unified Wired-WLAN Products

HP Unified Wired-WLAN Products HP Unified Wired-WLAN Products Security Command Reference HP 830 Unified Wired-WLAN PoE+ Switch Series HP 850 Unified Wired-WLAN Appliance HP 870 Unified Wired-WLAN Appliance HP 11900/10500/7500 20G Unified

More information

Document Created by Nick Schuster

Document Created by Nick Schuster Document Created by Nick Schuster Table of Contents Product Overview... 4 Introduction... 4 Features... 5 Package Contents... 6 System Requirements... 6 Hardware Overview... 7 LEDs... 7 Connections...

More information

Web Authentication Proxy on a Wireless LAN Controller Configuration Example

Web Authentication Proxy on a Wireless LAN Controller Configuration Example Web Authentication Proxy on a Wireless LAN Controller Configuration Example Document ID: 113151 Contents Introduction Prerequisites Requirements Components Used Conventions Web Authentication Proxy on

More information

VOCOM II. WLAN Instructions. VOCOM II Tough

VOCOM II. WLAN Instructions. VOCOM II Tough WLAN Instructions VOCOM II Tough 88894000 1 Please make sure the VOCOM II is connected to the computer via USB. Open the VOCOM II Configuration Application. Located under the START menu. The VOCOM II should

More information

WISNETWORKS. WisOS 11ac V /3/21. Software version WisOS 11ac

WISNETWORKS. WisOS 11ac V /3/21. Software version WisOS 11ac WISNETWORKS User Manual V1.1 2016/3/21 Software version 1.0.0021 Table of contents 1. Setup& WMI... 3 1.1 Hardware Setup... 3 1.2 Web Management Interface... 3 2. Status... 4 2.1 Overview... 4 2.1.1 System...

More information

ECB N Multi-Function Gigabit Client Bridge

ECB N Multi-Function Gigabit Client Bridge ECB9500 is a powerful and multi-functioned 11n product with 7 major multi-functions, is designed to operate in every working environment for enterprises. ECB9500 is a Wireless Network device that delivers

More information

Agile Controller-Campus V100R002C10. Permission Control Technical White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.

Agile Controller-Campus V100R002C10. Permission Control Technical White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD. V100R002C10 Permission Control Technical White Paper Issue 01 Date 2016-04-15 HUAWEI TECHNOLOGIES CO., LTD. 2016. All rights reserved. No part of this document may be reproduced or transmitted in any form

More information

Siemens HiPath Wireless: Configuration and Deployment Guide

Siemens HiPath Wireless: Configuration and Deployment Guide Siemens HiPath Wireless System Configuration and Deployment Guide SpectraLink's Voice Interoperability for Enterprise Wireless (VIEW) Certification Program is designed to ensure interoperability and high

More information

Siemens HiPath Wireless: Configuration and Deployment Guide

Siemens HiPath Wireless: Configuration and Deployment Guide Siemens HiPath Wireless System Configuration and Deployment Guide SpectraLink's Voice Interoperability for Enterprise Wireless (VIEW) Certification Program is designed to ensure interoperability and high

More information

CWA-854HT 54 Mbps Wireless-G High Transmission Access Point User s Guide

CWA-854HT 54 Mbps Wireless-G High Transmission Access Point User s Guide CWA-854HT 54 Mbps Wireless-G High Transmission Access Point User s Guide May 2006 Version 1.00 1 Table of Contents Table of Contents... 2 List of Figures... 4 List of Tables... 6 Chapter 1. Introduction...

More information

User Guide LAPN300. Wireless-N300. Access Point with POE. Model # LAPN300

User Guide LAPN300. Wireless-N300. Access Point with POE. Model # LAPN300 User Guide LAPN300 Wireless-N300 Access Point with POE Model # LAPN300 1 Contents Chapter 1 Quick Start Guide... 5 Mounting Guide... 6 Wall Installation... 6 Ceiling Installation... 6 Chapter 2 Access

More information

Huawei Enterprise S2700 Series Switches

Huawei Enterprise S2700 Series Switches 2 Product Overview The S2700 series enterprise switches (S2700s) are next-generation energy-saving intelligent 100M Ethernet switches. The S2700 utilizes cutting-edge switching technologies and Huawei

More information

AC2600 Dual-Band Wireless Access Point

AC2600 Dual-Band Wireless Access Point User Guide AC2600 Dual-Band Wireless Access Point LAPAC2600 1 Contents Chapter 1 Quick Start Guide... 4 Package Contents... 4 Physical Details... 4 Mounting Guide... 5 Chapter 2 Quick Start... 7 Overview...

More information

HP M n Access Point Configuration and Administration Guide

HP M n Access Point Configuration and Administration Guide HP M220 802.11n Access Point Configuration and Administration Guide HP Part Number: 5998-5753 Published: April 2014 Edition: 3 Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained

More information

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis CS-435 spring semester 2016 Network Technology & Programming Laboratory University of Crete Computer Science Department Stefanos Papadakis & Manolis Spanakis CS-435 Lecture preview 802.11 Security IEEE

More information

EnGenius Quick Start Guide

EnGenius Quick Start Guide T he operates seamlessly in the 2.4 GHz frequency spectrum supporting the 802.11b (2.4GHz, 11Mbps) and the newer, faster 802.11g (2.4GHz, 54Mbpswireless standard. High output power and high sensitivity

More information

DLB APC v5.94. User s Guide. Revision November Copyright 2013 Deliberant

DLB APC v5.94. User s Guide. Revision November Copyright 2013 Deliberant DLB APC v5.94 User s Guide Revision 1.0 7 November 2013 Copyright 2013 Deliberant www.deliberant.com Copyright 2013 Deliberant This user s guide and the software described in it are copyrighted with all

More information

Spectralink VIEW Certified Configuration Guide. Aruba Networks. Aruba Instant APs IAP-11x, 20x, 21x, 22x

Spectralink VIEW Certified Configuration Guide. Aruba Networks. Aruba Instant APs IAP-11x, 20x, 21x, 22x Spectralink VIEW Certified Configuration Guide Aruba Networks Aruba Instant APs IAP-11x, 20x, 21x, 22x 721-1008-000 Rev: B May 2016 Copyright Notice 2015-2016 Spectralink Corporation All rights reserved.

More information

Skywave User Manual. Version 1.1 (05/10/2015) Pro Range 95 User Manual 1.1 Page 1 of 31

Skywave User Manual. Version 1.1 (05/10/2015) Pro Range 95 User Manual 1.1 Page 1 of 31 Skywave User Manual Version 1.1 (05/10/2015) Pro Range 95 User Manual 1.1 Page 1 of 31 Radio frequency Interference Requirements The operation of this device in the 5.15 GHz to 5.25 GHz frequency range

More information

Product Description. HUAWEI B593s-931 LTE CPE V200R001 HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date

Product Description. HUAWEI B593s-931 LTE CPE V200R001 HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date HUAWEI B593s-931 LTE CPE V200R001 Issue 01 Date 2013-12-19 HUAWEI TECHNOLOGIES CO., LTD. Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. Please feel free

More information

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter. User Guide WIRELESS WUSB54G. Model No.

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter. User Guide WIRELESS WUSB54G. Model No. A Division of Cisco Systems, Inc. GHz 2.4 802.11g WIRELESS Wireless-G USB Network Adapter User Guide Model No. WUSB54G Copyright and Trademarks Specifications are subject to change without notice. Linksys

More information

Cisco WAP131 Wireless-N Dual Radio Access Point with PoE

Cisco WAP131 Wireless-N Dual Radio Access Point with PoE Data Sheet Cisco WAP131 Wireless-N Dual Radio Access Point with PoE Improved Coverage, Easy to Deploy, Secure Business-Class Wireless-N Connectivity Highlights Provides cost-effective 802.11n connectivity

More information

150Mbps N 3G Mobile Wireless Router. User Guide

150Mbps N 3G Mobile Wireless Router. User Guide 150Mbps 802.11N 3G Mobile Wireless Router User Guide 1 Contents INTRODUCTION...3 KEY HARDWARE FEATURES...3 DESCRIPTION OF CAPABILITIES...3 HARDWARE DESCRIPTION...5 LED INDICATORS...6 THE 3G MOBILE WIRELESS

More information

GWN7610 Firmware Release Note IMPORTANT UPGRADING NOTE

GWN7610 Firmware Release Note IMPORTANT UPGRADING NOTE GWN7610 Firmware Release Note IMPORTANT UPGRADING NOTE 1. For firmware 1.0.5.14, this is only for GWN7610 master deployment. All users with GWN7000 as master are NOT encouraged to upgrade until 1.0.5.x

More information

Cisco Meraki. Spectralink VIEW Certified Configuration Guide

Cisco Meraki. Spectralink VIEW Certified Configuration Guide Spectralink VIEW Certified Configuration Guide Cisco Meraki Meraki Cloud-Controlled APs MR26, MR30H, MR32, MR33, MR34, MR42, MR52, MR53, MR72, MR74, MR84 721-1013-000 Rev: A August 2017 Copyright Notice

More information

Configuring the WMIC for the First Time

Configuring the WMIC for the First Time Configuring the WMIC for the First Time This document describes how to configure basic settings on a Cisco Wireless Mobile Interface Card (WMIC) for the first time. Before You Start Before you install

More information

HP A3100 v2 Switch Series

HP A3100 v2 Switch Series HP A3100 v2 Switch Series Layer 2 - LAN Switching Configuration Guide HP A3100-8 v2 SI Switch (JG221A) HP A3100-16 v2 SI Switch (JG222A) HP A3100-24 v2 SI Switch (JG223A) HP A3100-8 v2 EI Switch (JD318B)

More information

Wireless LAN Access Point

Wireless LAN Access Point Wireless LAN Access Point IEEE 802.11b/g 54Mbps 501903 User s Manual Table of Contents Chapter 1 Introduction... 1 1.1 Package Contents... 2 1.2 Features... 2 1.3 Specifications... 2 1.4 Physical Description...

More information

Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS)

Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS) Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS) HOME SUPPORT PRODUCT SUPPORT WIRELESS CISCO 4400 SERIES WIRELESS LAN

More information

Wireless LAN Security. Gabriel Clothier

Wireless LAN Security. Gabriel Clothier Wireless LAN Security Gabriel Clothier Timeline 1997: 802.11 standard released 1999: 802.11b released, WEP proposed [1] 2003: WiFi alliance certifies for WPA 2004: 802.11i released 2005: 802.11w task group

More information

HP 5120 EI Switch Series

HP 5120 EI Switch Series HP 5120 EI Switch Series Layer 3 - IP Routing Configuration Guide Part number: 5998-1793 Software version: Release 2220 Document version: 6W100-20130810 Legal and notice information Copyright 2013 Hewlett-Packard

More information

H3C MSR Series Routers

H3C MSR Series Routers H3C MSR Series Routers ACL and QoS Configuration Guide(V7) Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: MSR-CMW710-R0007 Document version: 6W100-20140320 Copyright 2014, Hangzhou

More information

Wireless Domain Services FAQ

Wireless Domain Services FAQ Wireless Domain Services FAQ Document ID: 65346 Contents Introduction What is WDS? How do I configure my AP as a WDS? On what platforms does Cisco Structured Wireless Aware Network (SWAN) WDS run? How

More information

Unified Services Routers

Unified Services Routers Product Highlights Comprehensive Management Solution Active-Active WAN port features such as auto WAN failover and load balancing, ICSA-certified firewall, and D-Link Green Technology make this a reliable,

More information

Status of P Sub-Specification

Status of P Sub-Specification Status of P1451.5 802.11 Sub-Specification June 7, 2004 Ryon Coleman Senior Systems Engineer 802.11 Subgroup rcoleman@3eti.com Agenda 1. IEEE 802.11 Architecture 2. Scope within the 1451 Reference Model

More information