Specifications

Command Groups

RoamAbout Access Point 3000 Configuration Guide A-145

wpa-clients

ThiscommanddefineswhetherWi‐FiProtectedAccess(WPA)isrequired,optionallysupported,

ornotsupportedforclientstations.

Syntax

wpa-clients <not-supported | required | supported>

•not‐supported‐AccesspointdoesnotsupportclientsusingWPA.

•required‐Supportsonlyclientsusing WPA.

•supported‐SupportclientswithorwithoutWPA.

Default Setting

Supported

Command Mode

InterfaceConfiguration(Wireless)

InterfaceConfiguration(Wireless):VAP

Command Usage

•UsethiscommandforthedefaultinterfaceoranyofthesevenVAPsconfigurableperradio

interface.

•Wi‐FiProtectedAccess(WPA)providesimproveddataencryption,whichwasweakin

WEP,anduserauthentication,whichwaslargelymissinginWEP.WPAusesthefollowing

securitymechanisms.

•EnhancedDataEncryption

throughTKIP

•WPAusesTemporalKeyIntegrityProtocol(TKIP).TKIPprovidesdataencryption

enhancementsincludingper‐packetkeyhashing(i.e.,changingtheencryptionkeyoneach

packet),amessageintegritycheck,anextendedinitializationvectorwithsequencingrules,

andare‐keyingmechanism.

•Enterprise‐levelUserAuthenticationvia802.1x

andEAP

•Tostrengthenuserauthentication,WPAuses802.1xandtheExtensibleAuthentication

Protocol(EAP).Usedtogether,theseprotocolsprovidestronguserauthenticationviaa

centralRADIUSauthenticationserverthatauthenticateseachuseronthenetworkbefore

theyjoinit.WPAalsoemploys“mutualauthentication”topreventawirelessclient

from

accidentallyjoiningaroguenetwork.