User guide
Table Of Contents
- 3Com Wireless 8760 Dual-radio 11a/b/g PoE Access Point
- Contents
- Introduction
- Installing the Access Point
- Installation Requirements
- Power Requirements
- Safety Information
- Deciding Where to Place Equipment and Performing A Site Survey
- Before You Begin
- Connecting the Standard Antennas
- Connecting Power
- Checking the LEDs
- Wall, Ceiling, or Electrical Box Mounting
- Flat Surface Installation
- Selecting and Connecting a Different Antenna Model
- Installing Software Utilities
- Initial Configuration
- System Configuration
- Command Line Interface
- Using the Command Line Interface
- General Commands
- System Management Commands
- System Logging Commands
- System Clock Commands
- DHCP Relay Commands
- SNMP Commands
- snmp-server community
- snmp-server contact
- snmp-server location
- snmp-server enable server
- snmp-server host
- snmp-server trap
- snmp-server engine-id
- snmp-server user
- snmp-server targets
- snmp-server filter
- snmp-server filter-assignments
- show snmp groups
- show snmp users
- show snmp group-assignments
- show snmp target
- show snmp filter
- show snmp filter-assignments
- show snmp
- Flash/File Commands
- RADIUS Client
- 802.1X Authentication
- MAC Address Authentication
- Filtering Commands
- WDS Bridge Commands
- Spanning Tree Commands
- Ethernet Interface Commands
- Wireless Interface Commands
- interface wireless
- vap
- speed
- turbo
- multicast-data-rate
- channel
- transmit-power
- radio-mode
- preamble
- antenna control
- antenna id
- antenna location
- beacon-interval
- dtim-period
- fragmentation-length
- rts-threshold
- super-a
- super-g
- description
- ssid
- closed-system
- max-association
- assoc-timeout-interval
- auth-timeout-value
- shutdown
- show interface wireless
- show station
- Rogue AP Detection Commands
- Wireless Security Commands
- Link Integrity Commands
- IAPP Commands
- VLAN Commands
- WMM Commands
- Troubleshooting
- Index
4-50
CHAPTER 4: SYSTEM CONFIGURATION
The access point can simultaneously support clients using various different
security mechanisms. The configuration for these security combinations are
outlined in the following table. Note that MAC address authentication can be
configured independently to work with all security mechanisms and is indicated
separately in the table. Required RADIUS server support is also listed.
Table 6 Security Considerations
WPA over 802.1X
Mode
Requires WPA-enabled system
and network card driver
(native support provided in
Windows XP)
• Provides robust security in WPA-only mode
(i.e., WPA clients only)
• Offers support for legacy WEP clients, but with
increased security risk (i.e., WEP authentication
keys disabled)
• Requires configured RADIUS server
• 802.1X EAP type may require management of
digital certificates for clients and server
WPA PSK Mode Requires WPA-enabled system
and network card driver
(native support provided in
Windows XP)
• Provides good security in small networks
• Requires manual management of pre-shared key
WPA2 with
802.1X
Requires WPA-enabled system
and network card driver (native
support provided in Windows
XP)
• Provides the strongest security in WPA2-only
mode
• Provides robust security in mixed mode for WPA
and WPA2 clients
• Offers fast roaming for time-sensitive client
applications
• Requires configured RADIUS server
• 802.1X EAP type may require management of
digital certificates for clients and server
• Clients may require hardware upgrade to be
WPA2 compliant
WPA2 PSK Mode Requires WPA-enabled system
and network card driver (native
support provided in Windows
XP)
• Provides robust security in small networks
• Requires manual management of pre-shared key
• Clients may require hardware upgrade to be
WPA2 compliant
Security
Mechanism
Client Support Implementation Considerations
NOTE: You must enable data encryption through the web in order to enable all
types of encryption (WEP, TKIP, or AES) in the access point.
Client Security
Combination
Configuration Summary
a
MAC
Authentication
b
RADIUS
Server
No encryption and no
authentication
Authentication: Open System
Encryption: Disable
802.1x: Disable
Local, RADIUS, or
Disabled
Yes
c
Static WEP only (with
or without shared
key authentication)
Enter 1 to 4 WEP keys
Select a WEP transmit key for the interface
Authentication: Shared Key or Open System
Encryption: Enable
802.1x: Disable
Local, RADIUS, or
Disabled
Yes
c