User's Manual
Table Of Contents
- Table of Contents
- Introduction
- GO Wireless LAN Pico Base Station (WLP)
- Installation
- Configuring the WLP
- Connect and Access the WLP
- Configuring the Management Connectivity
- Configuring the Device Prompt
- Configuring the Radio Settings
- Configuring Multiple SSIDs
- Deleting an SSID
- Configuring the Mesh Network
- Configuring WDS CPE connection
- Configuring Authentication Types
- Configuring the Radius Client in the WLP
- Configuring Privacy Methods
- Saving the Configuration
- WLP Configuration Example
- Upgrading the WLP Software
- Appendix A: List of Acronyms
- Appendix B: Wiring Specifications
- Page 32 of 38 -
All contents are Copyright © 2006 GO Networks, Inc. All rights reserved.
The Radius client in the WLP can be configured by using the following
command:
configure radius-server {primary | secondary}
{authentication | accounting} <port 1 – 65535>
host <ip address> key <secret 5 – 64 string> enable
Configuring Privacy Methods
The privacy (encryption) scheme is configured per ESSID.
Using WPA Key Management
WiFi Protected Access (WPA) is a standards-based, interoperable security
enhancement that strongly increases the level of data protection and
access control for existing and future wireless LAN systems. It is derived
from and will be forward-compatible with the upcoming IEEE 802.11i
standard. It includes two new data-confidentiality protocols (TKIP and
AES-CCMP).
WPA leverages TKIP and AES-CCMP (Temporal Key Integrity Protocol and
Cipher Block Chaining Message Authentication Code Protocol) for data
protection and 802.1X for authenticated key management.
WPA1 and WPA2 offer a high level of assurance for end users and network
administrators that their data will remain private and that access to their
networks will be restricted to authorized users.
WPA key management supports two mutually exclusive management
types:
• WPA-Extensible-Authentication-Protocol (WPA-EAP): Using
WPA-EAP key management, the client and the authentication server
authenticate each other using an EAP authentication method, and
the client and server generate a Pairwise Master Key (PMK).
• WPA-Pre-shared key (WPA-PSK): Using WPA, the server
generates the PMK dynamically and passes it to the WLP. Using
WPA-PSK, however, you configure a pre-shared key on both the
client and the WLP, and that pre-shared key is used as the PMK.
The WPA key management in the WLP can be configured using the
following commands:
configure privacy wpa { <ssid integer(1-16)> [ passphrase
<passphrase string(8-63)> ] [ key-mngmnt { eap | psk } ]
configure privacy wpa gtk-interval <interval integer(30-
42949672)>
configure privacy wpa data-encryption { tkip | aes }
configure privacy wpa protocol { wpa1 | wpa2 | wpa2only }
configure privacy wpa preauthentication { enable | disable }