User's Manual

ManualsBrandsHP ManualsSoftwareHP Cloud Network Manager Software Series

27 | Wireless configuration HP Cloud Network Manager | User Guide

Configuring security settings for a WLAN SSID profile

This section describes the procedure for configuring security settings for employee and voice network only. For

information on guest network configuration, see Captive portal for guest access on page 56 .

If you are creating a new SSID profile, configure the WLANand VLAN settings before defining security settings. For

more information, see Configuring WLAN settings on page 23 and Configuring VLAN settings for a WLAN SSID profile

on page 26.

Configuring security settings for an employee or voice network

To configure security settings for an employee or voice network:

1. In Security, specify any of the following for SECURITY LEVEL:

l Enterprise —On selecting enterprise security level, the authentication options applicable to the enterprise

network is displayed.

l Personal — On selecting personal security level, the authentication options applicable to the personalized

network is displayed.

l Open — On selecting Open security level, the authentication options applicable to an open network is

displayed:

The default security setting for a network profile is Personal.

2. Based on the security level specified, specify the following parameters:

Data pane item Description

KEY

MANAGEMENT

For Enterprise security level, select any of the following options from

KEYMANAGEMENT:

l WPA-2 Enterprise

l Both (WPA-2 & WPA)

l WPA Enterprise

l Dynamic WEP with 802.1X — If you do not want to use a session key from the

RADIUS Server to derive pairwise unicast keys, set SESSION KEY FOR

LEAP to Enabled. This is required for old printers that use dynamic WEP

through Lightweight Extensible Authentication Protocol (LEAP)

authentication. The SESSION KEY FOR LEAP feature is Disabled by default.

NOTE: When WPA-2 Enterprise and Both (WPA2-WPA) encryption types are

selected and if 802.1x authentication method is configured, the

OPPURTUNISTIC KEY CACHING (OKC) is enabled by default. If OKC is

enabled, a cached Pairwise Master Key (PMK) is used when the client roams to

a new AP. This allows faster roaming of clients without the need for a complete

802.1x authentication. OKC roaming can be configured only for the Enterprise

security level.

For Personal security level, select an encryption key from KEY MANAGEMENT.

l For WPA-2 Personal, WPA Personal, and Both (WPA-2&WPA) keys, specify

the following parameters:

l PASSPHRASE FORMAT: Select a passphrase.format. The

options are available are 8-63 alphanumeric characters and

64 hexadecimal characters.

l Enter a passphrase in PASSPHRASE and reconfirm.

l For STATIC WEP, specify the following parameters:

l Select an appropriate value for WEP KEY SIZE from the WEP

key size. You can specify 64-bit or 128-bit .

Table 10: Configuration parameters for WLAN security settings