User guide
Table Of Contents
- Introduction
- Installation and Initialization
- Managing the Access Point
- Basic Configuration for an Enterprise
- Access Point Features
- Using Web Interface to Manage the Access Point
- Using SNMP Interface to Manage the Access Point
- Using CLI to Manage the Access Point
- Global Configuration Mode
- General Notes
- Configuring the AP using CLI Commands
- Command Line Interface Mode Overview
- User Exec Mode
- Privileged Exec Mode
- Show Command Tree Structure Command
- Show VLAN Command
- Show MAC ACL Command
- Show RADIUS Server Table Command
- Show RADIUS Supported Profile Table Command
- Show Security Wireless Config Table Command
- Show QoS Profile and Policy Command
- Show QoS EDCA Command
- Show Wireless Properties Command
- Show 11n Wireless Properties Command
- Wireless VAP Command
- Ethernet Interface Command
- Network Configuration Command
- Advaned Filter and Global Filter Command
- TCP-UDP and Static MAC Address Table Commands
- Protocl Filter, Filter Type and Filter Control Table Command
- Access Control and HTTP, Telnet and TFTP Commands
- SNMP Read, Read-Write Password and Trap Host Table Command
- Country Code and Management Commands
- System Information Command
- System Inventory Management Command
- Event Logand ICMP Commands
- IP ARP Statistics and SNTP Command
- Syslog configuration and RADIUS Client Authentication Table Commands
- RADIUS Client Access Command
- Interface Statistics Command
- Wireless Station Statistics Command
- IP Address, Subnet Mask and Gateway Command
- Scalar Objects Commands
- Table Entries Commands
- Table Entry Deletion Command
- Table Entry Edition Command
- VAP Table Commands
- Troubleshooting
- ASCII Character Chart
- Bootloader CLI
- Specifications
- Technical Services and Support
- Statement of Warranty
Basic Configuration for an Enterprise AP-800 User Guide
Configuring the Security Profile
32
• SNMP: The password for Read/Write access to the AP using SNMP interface. Enter a password between 6 and 32
characters in the Password field. The default password is “public”.
NOTE: This password “public” is SNMP Read/Write Community string and is also applicable to SNMP Read
Community.
• Trap Host IP Address: Enter the IP Address for which the traps needs to be delivered. By default, an IP Address will
be available, that you can change.
NOTE: For security purposes Proxim recommends changing ALL PASSWORDS from the default “public” immediately, to
restrict access to your network devices to authorized personnel.
Configuring the Security Profile
1. Click Configuration > Security > Wireless Security.
2. Click Add in the Wireless Security CFG table to create a new entry. The Wireless Security Create Row page
displays.
3. Enter the Profile Name.
4. Authentication Mode:
• Authentication Mode: None, then the AP allows access to stations without authentication. In other words, the
security will be disabled for that VAP.
• Authentication Mode: WEP
— Wep Key: Enter the Wep Key. The Key Length can be 64 or 128 Bits.
• For 64-bit encryption, an encryption key is 10 hexadecimal characters (0-9 and A-F) or 5 ASCII characters
see ASCII Character Chart).
• For 128-bit encryption, an encryption key is 26 hexadecimal characters or 13 ASCII characters.
— Encryption Type: Select the Encryption type as WEP.
— Enter the Status.
• Authentication Mode: Psk
— Encryption Type: WPA-TKIP, WPA2-AES, WPA-TKIP + WPA2-AES
— PSK : Enter the password. The limit for the passphrase is between 8 and 63 characters
— Re-keying Interval: The value should be between 900 to 65535 seconds.
— Enter Status.
NOTE: When you select the encryption type as WPA-TKIP+WPA2-EAS, then the AP is considered to be in
Auto-Encryption mode, and the client will support both encryption type.
• Authentication Mode: 802.1x
— Encryption Type: WEP, WPA-TKIP, WPA2-AES, WPA-TKIP + WPA2-AES
— Re-Keying Interval: The value should be between 900 to 65535 seconds.
— Enter Status.
NOTE: When you select the encryption type as WPA-TKIP+WPA2-EAS, then the AP is considered to be in
Auto-Encryption mode, and the client will support both encryption type. This type of security is called Dynamic
WEP.
NOTE: If an 802.1x client that has already been authenticated attempts to switch to WEP, or if a WEP client that has
already been connected attempts to switch to 802.1x, the AP will not allow the client to switch immediately. If
this happens, either reboot the AP or disable the client/roam to a new AP for five minutes, and then attempt to
reconnect to the AP. If the client is still unable to connect after waiting five minutes, reboot the AP.
NOTE: If you select WEP or TKIP, then the device will work on legacy rates not on 11n rates.