HP ProCurve Wireless Access Point 420 - Hewlett Packard

More documents

Recommendations

Info

Access Point Configuration Configuring Wireless Security Table 5-1. Summary of Wireless Security Security Mechanism Client Support Implementation Considerations WEP Built-in support on all 802.11b and 802.11g devices WEP with 802.1x Requires 802.1x client support in system or by add-in software (native support provided in Windows XP) MAC Address Filtering Uses the MAC address of client network card WPA Enterprise Mode Requires WPA-enabled system and network card driver (native support provided in Windows XP) WPA PSK Mode Requires WPA-enabled system and network card driver (native support provided in Windows XP) 5-48 Web: Configuring WPA Settings • Provides only weak security • Requires manual key management • Provides dynamic key rotation for improved WEP security • Requires configured RADIUS server • 802.1x EAP type may require management of digital certificates for clients and server • Provides only weak user authentication • Management of authorized MAC addresses • Can be combined with other methods for improved security • Optional configured RADIUS server • Provides robust security in WPA-only mode • Offers support for legacy WEP clients, but with increased security risk • Requires configured RADIUS server • 802.1x EAP type may require management of digital certificates for clients and server • Provides good security in small networks • Requires manual management of pre-shared key The WPA Settings window on the Security tab enables the access point to be configured to use WPA security. The web interface enables you to modify these parameters: ■ WPA Configuration Mode: The access point can be configured to allow only WPA-enabled clients to access the network, or also allow clients only capable of supporting WEP. ■ WPA Key Management: WPA can be configured to work in an enterprise environment using IEEE 802.1x and a RADIUS server for user authentication. For smaller networks, WPA can be enabled using a common preshared key for client authentication with the access point. • WPA authentication over 802.1x: The WPA enterprise mode that uses IEEE 802.1x to authenticate users and to dynamically distribute encryption keys to clients.
Access Point Configuration Configuring Wireless Security • WPA Pre-shared Key: The WPA mode for small networks that uses a common password string that is manually distributed. If this mode is selected, be sure to also specify the key string. ■ Multicast Cipher Mode: Selects an encryption method for the global key used for multicast and broadcast traffic, which is supported by all wireless clients. • WEP: WEP is the first generation security protocol used to encrypt data crossing the wireless medium using a fairly short key. Communicating devices must use the same WEP key to encrypt and decrypt radio signals. WEP has many security flaws, and is not recommended for transmitting highly-sensitive data. • TKIP: TKIP provides data encryption enhancements including perpacket key hashing (that is, changing the encryption key on each packet), a message integrity check, an extended initialization vector with sequencing rules, and a re-keying mechanism. • AES: AES has been designated by the National Institute of Standards and Technology as the successor to the Data Encryption Standard (DES) encryption algorithm, and will be used by the U.S. government for encrypting all sensitive, nonclassified information. Because of its strength, and resistance to attack, AES is also being incorporated as part of the 802.11 standard. ■ WPA Pre-Shared Key Type: If the WPA pre-shared-key mode is used, all wireless clients must be configured with the same key to communicate with the access point. • Hexadecimal: Enter a key as a string of 64 hexadecimal numbers. • Alphanumeric: Enter a key as an easy-to-remember form of letters and numbers. The string must be from 8 to 63 characters, which can include spaces. To Configure WPA in Enterprise Mode: 1. Select the Configuration tab. 2. Click the [Radius] button. 3. Configure parameters for the primary RADIUS server and, optionally, a secondary RADIUS server. See “Web: Setting RADIUS Server Parameters” on page 5-28 for more details. 4. Click the [Apply Changes] button. 5. Select the Security tab. 6. Click the [Shared Key Setup] button. 7. Set the Authentication Type Setup to Open System. 5-49
Page 1 and 2:
HP ProCurve Wireless Access Point 4
Page 3 and 4:
Contents 1 Getting Started Contents
Page 5 and 6:
Modifying System Management Access
Page 7 and 8:
sntp-server date-time . . . . . . .
Page 9:
shutdown . . . . . . . . . . . . .
Page 12 and 13:
Getting Started Introduction 1-2 In
Page 14 and 15:
Getting Started Related Publication
Page 16 and 17:
Getting Started Sources for More In
Page 18 and 19:
Getting Started Need Only a Quick S
Page 20 and 21:
Selecting a Management Interface Ov
Page 22 and 23:
Selecting a Management Interface Ad
Page 24 and 25:
Using the Command Line Interface (C
Page 26 and 27:
Page 28 and 29:
Page 30 and 31:
Page 32 and 33:
Page 34 and 35:
Page 36 and 37:
Using the HP Web Browser Interface
Page 38 and 39:
Page 40 and 41:
Page 42 and 43:
Page 44 and 45:
Page 46 and 47:
Page 48 and 49:
Page 50 and 51:
Page 52 and 53:
Page 54 and 55: Using the HP Web Browser Interface
Page 56 and 57: Using the HP Web Browser Interface
Page 58 and 59: Access Point Configuration Overview
Page 60 and 61: Access Point Configuration Modifyin
Page 66 and 67: Access Point Configuration Configur
Page 74 and 75: Access Point Configuration Enabling
Page 76 and 77: Access Point Configuration Enabling
Page 88 and 89: Access Point Configuration Setting
Page 124 and 125: Command Line Reference Overview 6-2
Page 126 and 127: Command Line Reference General Comm
Page 128 and 129: Command Line Reference General Comm
Page 130 and 131: Command Line Reference System Manag
Page 148 and 149: Command Line Reference SNMP Command
Page 150 and 151: Command Line Reference SNMP Command
Page 152 and 153: Command Line Reference Flash/File C
Page 154 and 155:
Command Line Reference Flash/File C
Page 156 and 157:
Command Line Reference RADIUS Clien
Page 158 and 159:
Page 160 and 161:
Page 162 and 163:
Command Line Reference 802.1x Port
Page 164 and 165:
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Command Line Reference Filtering Co
Page 172 and 173:
Command Line Reference Filtering Co
Page 174 and 175:
Command Line Reference Interface Co
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Page 184 and 185:
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Command Line Reference VLAN Command
Page 202 and 203:
Command Line Reference VLAN Command
Page 204 and 205:
File Transfers Overview A-2 Overvie
Page 206 and 207:
File Transfers Downloading Access P
Page 208 and 209:
File Transfers Downloading Access P
Page 210 and 211:
File Transfers Transferring Configu
Page 212 and 213:
File Transfers Transferring Configu
Page 214 and 215:
P password … 4-7, 4-8 administrat
show all

HP ProCurve Wireless Access Point 420 - Hewlett Packard

Create successful ePaper yourself

Delete template?

Save as template?