Specifications

ManualsBrandsExtreme Networks ManualsComputer equipmentWM200

101

102

103

104

105

106

107

108

109

110

WM-AD configuration

Summit WM Getting Started Guide, Software Version 5.1110

● Uses RADIUS protocols for authentication and key distribution; therefore, requires a RADIUS or

other authentication server.

● Centralizes management of user credentials.

The WPA authentication process involves the following steps:

● Step 1 – The wireless device associates with Wireless AP.

● Step 2 – The Wireless AP blocks the wireless device’s network access while the authentication

process is carried out. The Summit WM Controller sends the authentication request to the

RADIUS authentication server.

● Step 3 – The wireless device provides credentials that are forwarded to the authentication server

through the Summit WM Controller.

● Step 4 – If the wireless device is not authenticated, the device remains blocked from the network.

For more information, see the Summit WM User Guide.

.To configure WPA privacy:

1 From the main menu, click WM-AD Configuration. The WM-AD Configuration screen is displayed.

2 In the left pane, click the AAA WM-AD for which you want to configure the Dynamic WEP privacy.

The Topology tab is displayed.

3 Click the Privacy tab.

4 Select WPA. The WPA text boxes are displayed.

5 Select one of the following:

● WPA v1:

■ Auto – If you click Auto, the Wireless AP will advertise both TKIP and CCMP (counter mode

with cipher block chaining message authentication code protocol).

■ TKIP only – If you click TKIP only, the Wireless AP will advertise TKIP as an available

encryption protocol. It will not advertise CCMP.

● WPA v2:

■ Auto: For more information, see the description of Auto under WPA v1.

■ TKIP only: For more information, see the description of TKIP only under WPA v1.

If you select WPA v1, its Encryption drop-down menu is enabled. The Encryption drop-down menu

offers the following two options:

6 From the Key Management options, select one of the following key-management options:

● None – The mobile units (client devices) performs a complete 802.1X authentication each time it

associates or connects to a Wireless AP.

● Opportunistic Keying – Enables secure fast roaming (SFR) of mobile units. For more information,

see the Summit WM User Guide.

● Pre-authentication – Enables seamless roaming. For more information, see the Summit WM User

Guide.

● Opportunistic Keying & Pre-auth – For more information, see the Summit WM User Guide.

7 For re-keying after a time interval, select Broadcast re-key interval.

If this feature is not enabled, the broadcast encryption key is never changed and the Wireless AP will

always use the same broadcast key for broadcast/multicast transmissions. This will compromise the

security for wireless communications.

8 In the Broadcast re-key interval text box, type the time interval after which you want the broadcast

encryption key to be changed automatically. The default is 3600.