Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual
Page 373
Rockwell Automation Publication 1783-UM006A-EN-P - May 2014
373
Configuring Authentication Types
Chapter 12
This table lists the client and access point settings required for each
authentication type.
Table 96 - Client and Access Point Settings Required for Each Authentication Type
Security Feature
Client Setting
Access Point Setting
Static WEP with open authentication
Create a WEP key and enable Use Static WEP Keys
and Open Authentication
Set up and enable WEP and enable Open Authentication for the SSID
Static WEP with shared key authentication
Create a WEP key and enable Use Static WEP Keys
and Shared Key Authentication
Set up and enable WEP and enable Shared Key Authentication for the SSID
LEAP authentication
Enable LEAP
Set up and enable WEP and enable Network-EAP for the SSID
(1)
EAP-FAST authentication
Enable EAP-FAST and enable automatic
provisioning or import a PAC file.
Set up and enable WEP and enable Network-EAP for the SSID
If radio clients are configured to authenticate by using EAP-FAST, open
authentication with EAP must also be configured. If you don’t configure
open authentication with EAP, the following GUI warning message
appears:
WARNING:
Network EAP is used only for LEAP authentication. If radio clients are
configured to authenticate by using EAP-FAST, Open Authentication with
EAP must be configured also.
If you are using CLI, this warning message appears:
SSID CONFIG WARNING: [SSID]: If radio clients are using EAP-FAST, AUTH
OPEN with EAP must also be configured.
EAP-FAST authentication with WPA
Enable EAP-FAST and Wi-Fi Protected Access
(WPA) and enable automatic provisioning or
import a PAC file.
To allow the client to associate to both WPA and
non-WPA access points, enable Allow Association
to both WPA and non-WPA authenticators.
Choose a cipher suite that includes TKIP, set up and enable WEP, and enable
Network-EAP and WPA for the SSID.
To allow both WPA and non-WPA clients to use the SSID, enable optional
WPA.
802.1X authentication and CCKM
Enable LEAP
Choose a cipher suite and enable Network-EAP and CCKM for the SSID
To allow both 802.1X clients and non-802.1X clients to use the SSID, enable
optional CCKM.
802.1X authentication and WPA
Enable any 802.1X authentication method.
Choose a cipher suite and enable Open authentication and WPA for the SSID
(you can also enable Network-EAP authentication in addition to or instead
of Open authentication).
To allow both WPA clients and non-WPA clients to use the SSID, enable
optional WPA.
802.1X authentication and WPA-PSK
Enable any 802.1X authentication method.
Choose a cipher suite and enable Open authentication and WPA for the SSID
(you can also enable Network-EAP authentication in addition to or instead
of Open authentication). Enter a WPA pre-shared key.
To allow both WPA clients and non-WPA clients to use the SSID, enable
optional WPA.
EAP-TLS authentication
If using ACU to configure card
Enable Host Based EAP and Use Dynamic WEP
Keys in ACU and choose Enable network access
control by using IEEE 802.1X and Smart Card or
Other Certificate as the EAP Type in pages 2000
(with Service Pack 3) or pages XP.
Set up and enable WEP and enable EAP and Open authentication for the
SSID.
If using pages XP to configure card
Choose Enable network access control by using
IEEE 802.1X and Smart Card or other Certificate
as the EAP Type
Set up and enable WEP and enable EAP and Open Authentication for the
SSID.
EAP-MD5 authentication
If using ACU to configure card
Create a WEP key, enable Host Based EAP, and
enable Use Static WEP Keys in ACU and choose
Enable network access control by using IEEE
802.1X and MD5-Challenge as the EAP Type in
pages 2000 (with Service Pack 3) or pages XP.
Set up and enable WEP and enable EAP and Open authentication for the
SSID.
If using pages XP to configure card
Choose Enable network access control by using
IEEE 802.1X and MD5-Challenge as the EAP Type.
Set up and enable WEP and enable EAP and Open Authentication for the
SSID.