Owners manual

ManualsBrandsARUBA NETWORKS ManualsComputers & LaptopsAruba Instant IAP-325 IEEE 802.11ac 1.69 Gbit/s Wireless Access Point - 2.40 GHz, 5 GHz - 8 x Antenna(s) - 8 x Internal Antenna(

101

102

103

104

105

106

107

108

109

110

Parameter Description

Security Level

Type

Key

Management

For Enterprise security level, select any of the following options from the

Key management drop-down list:

l WPA-2 Enterprise

l Both (WPA-2 & WPA)

l WPA Enterprise

l Dynamic WEP with 802.1X — If you do not want to use a session key

from the RADIUS Server to derive pair wise unicast keys, set Session

Key for LEAP to Enabled. This is required for old printers that use

dynamic WEP through Lightweight Extensible Authentication Protocol

(LEAP) authentication. The Session Key for LEAP feature is Disabled

by default.

Applicable to

Enterprise and

Personal security

levels only.

For the Open

security level, no

encryption settings

are required.

For Personal security level, select an encryption key from the Key

management drop-down list.

l For WPA-2 Personal, WPA Personal, and Both (WPA-2&WPA) keys,

specify the following parameters:

1. Passphrase format: Select a passphrase format from the

Passphrase format drop-down list. The options are

available are 8-63 alphanumeric characters and 64

hexadecimal characters.

2. Enter a passphrase in the Passphrase text box and

reconfirm.

NOTE: The Passphrase may contain any special character

except for ".

l For Static WEP, specify the following parameters:

1. Select an appropriate value for WEP key size from the

WEP key size drop-down list. You can specify 64-bit or

128-bit .

2. Select an appropriate value for Tx key from the Tx Key

drop-down list. You can specify 1, 2, 3, or 4.

3. Enter an appropriate WEP key and reconfirm.

Termination To terminate the EAP portion of 802.1X authentication on the IAP instead of

the RADIUS server, set Termination to Enabled.

Enabling Termination can reduce network traffic to the external RADIUS

server by terminating the authorization protocol on the IAP. By default, for

802.1X authorization, the client conducts an EAP exchange with the

RADIUS server, and the IAP acts as a relay for this exchange.

When Termination is enabled, the IAP by itself acts as an authentication

server and terminates the outer layers of the EAP protocol, only relaying the

innermost layer to the external RADIUS server. It can also

reduce the number of exchange packets between the IAP and

authentication server.

NOTE: Instant supports the configuration of primary and backup

authentication servers in an EAP termination enabled SSID.

NOTE: If you are using LDAP for authentication, ensure that AP termination

is configured to support EAP.

Enterprise security

level

Authentication

server 1 and

Authentication

server 2

Select any of the following options from the Authentication server 1 drop-

down list:

l Select an authentication server from the list if an external servers are

already configured.

l Select New to configure any of the following servers as an external

server:

Enterprise,

Personal, and Open

security levels.

Table 21:

Configuration Parameters for WLANSecurity Settings in an Employee or Voice Network

Aruba Instant 6.4.0.2-4.1 | User Guide Wireless Network Profiles | 101