Configuring wlan security, Authentication modes – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 64

Advertising
background image

52

Configuring WLAN security

The wireless security capabilities incorporated in 802.11, though adequate to prevent the general public

accessibility, do not offer sufficient protection from sophisticated network break-ins. To protect against

any potential unauthorized access, advanced security mechanisms beyond the capabilities of 802.11 are
necessary.

Authentication modes

To secure wireless links, the wireless clients must be authenticated before accessing the AP, and only
wireless clients passing the authentication can be associated with the AP. 802.11 links define two

authentication mechanisms: open system authentication and shared key authentication.

Open system authentication
Open system authentication is the default authentication algorithm. This is the simplest of the
available authentication algorithms. Essentially it is a null authentication algorithm. Any client that

requests authentication with this algorithm can become authenticated. Open system authentication

is not required to be successful as an AP may decline to authenticate the client. Open system
authentication involves a two-step authentication process. In the first step, the wireless client sends

a request for authentication. In the second step, the AP determines whether the wireless client

passes the authentication and returns the result to the client.

Figure 27 Open system authentication process

Shared key authentication

Figure 28

shows a shared key authentication process. The client and the AP have the same shared

key configured.

a.

The client sends an authentication request to the AP.

b.

The AP randomly generates a challenge and sends it to the client.

c.

The client uses the shared key to encrypt the challenge and sends it to the AP.

d.

The AP uses the shared key to encrypt the challenge and compares the result with that received
from the client. If they are identical, the client passes the authentication. If not, the

authentication fails.

Advertising
This manual is related to the following products:

H3C WX5500E Series Access Controllers, H3C WX3500E Series Access Controllers, H3C WX2500E Series Access Controllers, H3C WX6000 Series Access Controllers, H3C WX5000 Series Access Controllers, H3C WX3000 Series Unified Switches, H3C LSWM1WCM10 Access Controller Module, H3C LSUM3WCMD0 Access Controller Module, H3C LSUM1WCME0 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module, H3C WA3600 Series Access Points, H3C WA2600 Series WLAN Access Points

Popular Brands
Popular manuals