HP ProCurve Wireless Access Point 420 - Hewlett Packard
HP ProCurve Wireless Access Point 420 - Hewlett Packard
HP ProCurve Wireless Access Point 420 - Hewlett Packard
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Web: Configuring IEEE 802.1x<br />
<strong>Access</strong> <strong>Point</strong> Configuration<br />
Configuring <strong>Wireless</strong> Security<br />
The access point supports IEEE 802.1x (802.1x) access control for wireless<br />
clients. This control feature prevents unauthorized access to the network by<br />
requiring an 802.1x client application to submit user credentials for authentication.<br />
Client authentication is then verified by a RADIUS server using Extensible<br />
Authentication Protocol (EAP) before the access point grants a client<br />
access to the network.<br />
Not e The 802.1x access control feature requires a RADIUS authentication server to<br />
be configured and available in the wired network. Be sure that the server’s<br />
details are configured in the RADIUS window.<br />
The access point also uses the 802.1x Extensible Authentication Protocol Over<br />
LANs (EAPOL) packets to pass dynamic unicast session keys and static<br />
broadcast keys to wireless clients. Session keys are unique to each client and<br />
are used to authenticate a client connection, and correlate traffic passing<br />
between a specific client and the access point. You can also enable broadcast<br />
key rotation, so the access point provides a dynamic broadcast key and<br />
changes it at a specified interval.<br />
The Authentication window on the Security tab enables 802.1x to be configured<br />
for the access point.<br />
The web interface enables you to modify these parameters:<br />
802.1x Setup. You can enable 802.1x as optionally supported or as required<br />
to enhance the security of the wireless network. When 802.1x is enabled, the<br />
broadcast and session key rotation intervals can also be configured.<br />
■ Disable: The access point does not support 802.1x authentication for any<br />
wireless client. After successful wireless association with the access<br />
point, each client is allowed to access the network.<br />
■ Supported: The access point supports 802.1x authentication only for<br />
clients initiating the 802.1x authentication process (the access point does<br />
not initiate 802.1x authentication). For clients initiating 802.1x, only those<br />
successfully authenticated are allowed to access the network. For those<br />
clients not initiating 802.1x, access to the network is allowed after<br />
successful wireless association with the access point.<br />
■ Required: The access point enforces 802.1x authentication for all associated<br />
wireless clients. If 802.1x authentication is not initiated by a client,<br />
the access point will initiate authentication. Only those clients successfully<br />
authenticated with 802.1x are allowed to access the network.<br />
5-57