HP ProCurve Wireless Access Point 420 - Hewlett Packard

More documents

Recommendations

Info

Access Point Configuration Configuring Wireless Security 5-52 Command Syntax CLI Reference Page wpa-preshared-key page 6-74 show interface wireless g page 6-75 show station page 6-77 Using the CLI to Configure WPA. To configure the access point to support only WPA-enabled clients, be sure to set the access point to “open system” and set 802.1x authentication to “required.” The following example shows how to configure access point security for WPA. This example assumes that a RADIUS server is configured and available on the wired network, it also assumes that the RADIUS server parameters are configured on the access point. HP420(config)#802.1x required HP420(config)#interface wireless g Enter Wireless configuration commands, one per line. HP420(if-wireless g)#authentication open HP420(if-wireless g)#wpa-clients required HP420(if-wireless g)#wpa-mode dynamic HP420(if-wireless g)#multicast-cipher tkip HP420(if-wireless g)# Using the CLI to Configure WPA-PSK Mode. To configure the access point to operate in WPA-PSK mode, be sure to set the access point to “open system” and set 802.1x authentication to “disable.” The following example shows how to configure access point security for WPA PSK mode. Supported clients must be WPA-enabled and configured with the same pre-shared key. HP420(config)#no 802.1x HP420(config)#interface wireless g Enter Wireless configuration commands, one per line. HP420(if-wireless g)#authentication open HP420(if-wireless g)#wpa-clients required HP420(if-wireless g)#wpa-mode pre-shared-key HP420(if-wireless g)#wpa-pre-shared-key ASCII agoodsecret HP420(if-wireless g)#
Access Point Configuration Configuring Wireless Security Web: Configuring MAC Address Authentication The access point can be configured to authenticate client MAC addresses against a database stored locally on the access point or remotely on a RADIUS server. Client MAC addresses in the local database can be specified as allowed or denied access the network. This enables the access point to control which devices can associate with the access point. Not e If a RADIUS authentication server is used for MAC authentication, the server must first be configured in the RADIUS window. Client station MAC authentication occurs prior to any IEEE 802.1x authentication configured for the access point. However, a client’s MAC address provides relatively weak user authentication, since MAC addresses can be easily captured and used by another station to break into the network. Using 802.1x provides more robust user authentication using user names and passwords or digital certificates. So, although you can configure the access point to use MAC address and 802.1x authentication together, it is better to choose one or the other, as appropriate. Consider the following guidelines: ■ Use MAC address authentication for a small network with a limited number of users. MAC addresses can be manually configured on the access point itself without the need to set up a RADIUS server. The access point supports up to 1024 MAC addresses in its filtering table, but managing a large number of MAC addresses across more than one access point quickly becomes very cumbersome. ■ Use IEEE 802.1x authentication for networks with a larger number of users and where security is the most important issue. A RADIUS server is required in the wired network to control the user credentials (digital certificates, smart cards, passwords, or other) of wireless clients. The 802.1x authentication approach provides a standards-based, flexible, and scalable solution that can be centrally managed. However, implementing 802.1x requires more resources and skills to operate and maintain a RADIUS server and manage a large database of user credentials. The Authentication window on the Security tab enables the access point to be configured to use MAC address authentication. The web interface enables you to modify these parameters: ■ MAC Authentication: The type of authentication method the system employs when authenticating a wireless client’s MAC address. 5-53
Page 1 and 2:
HP ProCurve Wireless Access Point 4
Page 3 and 4:
Contents 1 Getting Started Contents
Page 5 and 6:
Modifying System Management Access
Page 7 and 8:
sntp-server date-time . . . . . . .
Page 9:
shutdown . . . . . . . . . . . . .
Page 12 and 13:
Getting Started Introduction 1-2 In
Page 14 and 15:
Getting Started Related Publication
Page 16 and 17:
Getting Started Sources for More In
Page 18 and 19:
Getting Started Need Only a Quick S
Page 20 and 21:
Selecting a Management Interface Ov
Page 22 and 23:
Selecting a Management Interface Ad
Page 24 and 25:
Using the Command Line Interface (C
Page 26 and 27:
Page 28 and 29:
Page 30 and 31:
Page 32 and 33:
Page 34 and 35:
Page 36 and 37:
Using the HP Web Browser Interface
Page 38 and 39:
Page 40 and 41:
Page 42 and 43:
Page 44 and 45:
Page 46 and 47:
Page 48 and 49:
Page 50 and 51:
Page 52 and 53:
Page 54 and 55:
Page 56 and 57:
Page 58 and 59: Access Point Configuration Overview
Page 60 and 61: Access Point Configuration Modifyin
Page 66 and 67: Access Point Configuration Configur
Page 74 and 75: Access Point Configuration Enabling
Page 76 and 77: Access Point Configuration Enabling
Page 88 and 89: Access Point Configuration Setting
Page 124 and 125: Command Line Reference Overview 6-2
Page 126 and 127: Command Line Reference General Comm
Page 128 and 129: Command Line Reference General Comm
Page 130 and 131: Command Line Reference System Manag
Page 148 and 149: Command Line Reference SNMP Command
Page 150 and 151: Command Line Reference SNMP Command
Page 152 and 153: Command Line Reference Flash/File C
Page 154 and 155: Command Line Reference Flash/File C
Page 156 and 157: Command Line Reference RADIUS Clien
Page 158 and 159:
Command Line Reference RADIUS Clien
Page 160 and 161:
Command Line Reference RADIUS Clien
Page 162 and 163:
Command Line Reference 802.1x Port
Page 164 and 165:
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Command Line Reference Filtering Co
Page 172 and 173:
Command Line Reference Filtering Co
Page 174 and 175:
Command Line Reference Interface Co
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Page 184 and 185:
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Command Line Reference VLAN Command
Page 202 and 203:
Command Line Reference VLAN Command
Page 204 and 205:
File Transfers Overview A-2 Overvie
Page 206 and 207:
File Transfers Downloading Access P
Page 208 and 209:
File Transfers Downloading Access P
Page 210 and 211:
File Transfers Transferring Configu
Page 212 and 213:
File Transfers Transferring Configu
Page 214 and 215:
P password … 4-7, 4-8 administrat
show all

HP ProCurve Wireless Access Point 420 - Hewlett Packard

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?