Technical data
Configure a Security Profile With the Web UI
© 2012 Meru Networks, Inc. Configuring Security 115
— CCMP/TKIP: Use the Counter Mode with Cipher Block Chaining (CCMP)
encryption protocol that replaces TKIP, the mandatory protocol in WPA, and
WEP. For more information, see TKIP.
If you select WEP64 or WEP128, you need to specify a WEP key, as described in
step 6. If you specify TKIP for WPA-PSK or CCMP-AES for WPA2-PSK, a pre-shared
key must be set, as described in step 12.
5. From the Primary Radius Profile Name list, select one of the configured Radius
Server Profiles for use as the primary server or select the No Radius option. If no
Radius Server Profiles have been configured, the selectable list is unavailable and
the text “No Data for Primary Radius Profile Name” displays. To configure a Radius
Server Profile, click Configuration > Security > Radius.
6. From the Secondary Radius Profile Name list, select one of the configured Radius
Server Profiles for use as the secondary server or select the No Radius option. If
no Radius Server Profiles have been configured, the selectable list is unavailable
and the text “No Data for Primary Radius Profile Name” displays. To configure a
Radius server profile, click Configuration > Security > Radius.
7. In the WEP Key box, specify a WEP key. If you selected Static WEP Keys in step 2,
you need to specify a WEP key in hexadecimal or text string format.
A WEP64 key must be 5 octets long, which you can specify as 10 hexadecimal digits
(the hexadecimal string must be preceded with 0x) or 5 printable alphanumeric
characters (the ! character cannot be used). For example, 0x619B947A3D is a valid
hexadecimal value, and wpass is a valid alphanumeric string.
A WEP128 key must be 13 octets long, which you can specify as 26 hexadecimal
digits (the hexadecimal string must be preceded with 0x) or 13 printable
alphanumeric characters (the ! character cannot be used). For example,
0xB58CE2C2C75D73B298A36CDA6A is a valid hexadecimal value, and
mypass8Word71 is a valid alphanumeric string.
8. In the Static WEP Key Index box, type the index number to be used with the WEP
key for encryption and decryption. A station can have up to four static WEP keys
configured. The static WEP key index must be an integer between 1 through 4
(although internal mapping is performed to handle wireless clients that use 0
through 3 assignments).
9. In the Re-Key Period box, type the duration that the key is valid. Specify a value
from 0 to 65,535 seconds. The default re-key value is zero (0). Specifying 0
indicates that re-keying is disabled, which means that the key is valid for the
entire session, regardless of the duration.
10. In the Captive Portal list, select one of the following:
— Disabled: Disables Captive Portal.
— WebAuth: Enables a WebAuth Captive Portal. This feature can be set for all L2
Mode selections.
11. If you want to use a third-party Captive Portal solution from a company such as
Bradford, Avenda, or CloudPath change the value for Captive Portal
Authentication Method to external. For more information, see Third-Party
Captive Portal Solutions.
12. To use 802.1X, select one of the following in the 802.1X Network Initiation list: