6 - 9
Refer to the following to configure a WLAN’s authentication scheme:
•
802.1x EAP, EAP-PSK and EAP MAC
•
•
Secure guest access to the network is referred to as captive portal. A captive portal is guest access policy for providing
temporary and restrictive access to the access point managed wireless network. Existing captive portal policies can be applied
to a WLAN to provide secure guest access.
A captive portal policy provides secure authenticated access using a standard Web browser. A captive portal provides
authenticated access by capturing and re-directing a wireless user's Web browser session to a login page, where a user must
enter valid credentials to access the network. Once logged into the captive portal, additional
Agreement
,
Welcome
and
Fail
pages provide an administrator with a number of options for the screen flow and appearance.
Refer to
for information on assigning a captive portal policy to a WLAN.
A
passpoint
policy provides an interoperable platform for streamlining Wi-Fi access to access points deployed as public
hotspots. Passpoint is supported across a wide range of wireless network deployment scenarios and client devices. For more
information, see
MAC Registration enables returning captive portal users faster authentication and access to the captive portal service. When
the user connects to the captive portal for the first time, the MAC address of the user is recorded once the authentication is
successful. The next time the device is used to access the captive portal, MAC Registration allows the device and the user to
be authenticated faster.
Refer to
for information on enabling and configuring MAC Registration.
Encryption is essential for WLAN security, as it provides data privacy for traffic forwarded over a WLAN. When the 802.11
specification was introduced,
Wired Equivalent Privacy
(WEP) was the primary encryption mechanism. WEP has since been
interpreted as flawed in many ways, and is not considered an effective standalone scheme for securing a WLAN. WEP is
typically used with WLAN deployments supporting legacy clients. New deployments should use either WPA or WPA2
encryption.
Encryption applies a specific algorithm to alter its appearance and prevent unauthorized hacking. Decryption applies the
algorithm in reverse, to restore the data to its original form. A sender and receiver must employ the same encryption/decryption
method to interoperate. When both TKIP and CCMP are both enabled a mix of clients are allowed to associate with the WLAN.
Some use TKIP, others use CCMP. Since broadcast traffic needs to be understood by all clients, the broadcast encryption type
in this scenario is TKIP.
TKIP-CCMP, WPA2-CCMP, WEP 64, WEP 128 and Keyguard encryption options are supported.
Refer to the following to configure a WLAN’s encryption scheme:
•
•
•
•
•
6.1.2.1 802.1x EAP, EAP-PSK and EAP MAC
Configuring WLAN Security Settings
The
Extensible Authentication Protocol
(EAP) is the de-facto standard authentication method used to provide secure
authenticated access to WLANs. EAP provides mutual authentication, secured credential exchange, dynamic keying and strong
Summary of Contents for WiNG 5.7.1
Page 1: ...WiNG 5 7 1 ACCESS POINT SYSTEM REFERENCE GUIDE ...
Page 2: ......
Page 3: ...WING 5 7 1 ACCESS POINT SYSTEM REFERENCE GUIDE MN001977A01 Revision A April 2015 ...
Page 4: ...ii WiNG 5 7 1 Access Point System Reference Guide ...
Page 24: ...1 4 WiNG 5 7 1 Access Point System Reference Guide ...
Page 36: ...2 12 WiNG 5 7 1 Access Point System Reference Guide ...
Page 72: ...3 36 WiNG 5 7 1 Access Point System Reference Guide ...
Page 470: ...5 386 WiNG 5 7 1 Access Point System Reference Guide ...
Page 472: ...6 2 WiNG 5 7 1 Access Point System Reference Guide Figure 6 1 Configuration Wireless menu ...
Page 624: ...7 46 WiNG 5 7 1 Access Point System Reference Guide ...
Page 724: ...9 56 WiNG 5 7 1 Access Point System Reference Guide ...
Page 783: ...12 35 Figure 12 46 Device Summary screen 4 Click File Management ...
Page 816: ...12 68 WiNG 5 7 1 Access Point System Reference Guide ...
Page 1006: ...13 190 WiNG 5 7 1 Access Point System Reference Guide ...
Page 1026: ...14 20 WiNG 5 7 1 Access Point System Reference Guide ...
Page 1028: ...A 2 WiNG 5 7 1 Access Point System Reference Guide ...
Page 1089: ......
Page 1090: ...MN001977A01 Revision A April 2015 ...