Configuring monitor mode limits, Configuring an authentication failure limit – Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual

Rockwell Automation Publication 1783-UM006A-EN-P - May 2014

Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services

Chapter 13

Configuring Monitor Mode Limits

You can configure threshold values that the access point uses in monitor mode.
When a threshold value is exceeded, the access point logs the information or
sends an alert.

Configuring an Authentication Failure Limit

Setting an authentication failure limit protects your network against a
denial-of-service attack called EAPOL flooding. The 802.1X authentication that takes
place between a client and the access point triggers a series of messages between
the access point, the authenticator, and an authentication server by using EAPOL
messaging. The authentication server, typically a RADIUS server, can quickly
become overwhelmed if there are too many authentication attempts. If not
regulated, a single client can trigger enough authentication requests to impact
your network.

In monitor mode, the access point tracks the rate at which 802.1X clients attempt to
authenticate through the access point. If your network is attacked through
excessive authentication attempts, the access point generates an alert when the
authentication threshold has been exceeded.

You can configure these limits on the access point:

- Number of 802.1X attempts through the access point
- EAPOL flood duration in seconds on the access point

When the access point detects excessive authentication attempts, it sets MIB
variables to indicate this information:

- An EAPOL flood was detected
- Number of authentication attempts
- MAC address of the client with the most authentication attempts

Beginning in privileged EXEC mode, follow these steps to set authentication
limits that trigger a fault on the access point:

1. Enter global configuration mode.

configure terminal

2. Configure the number of authentication attempts and the number of
seconds of EAPOL flooding that trigger a fault on the access point.

dot11 ids eap attempts number period seconds

3. Return to privileged EXEC mode.

end
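
The attempts/period threshold described in this section, modelled as an added Python example (it is not part of the Rockwell Automation manual and is not the access point's firmware logic). It assumes the limit is exceeded when more than `attempts` authentication attempts fall within any `period`-second window; the function name, result keys, and sample MAC addresses are constructed for illustration and are not the access point's MIB object names.

```python
from collections import Counter, deque


def detect_eapol_flood(events, attempts, period):
    """Return the first alert, or None if the threshold is never exceeded.

    events:   iterable of (timestamp_seconds, client_mac), sorted by time
    attempts: assumed meaning of the 'attempts number' limit
    period:   assumed meaning of the 'period seconds' limit
    """
    window = deque()
    for ts, mac in events:
        window.append((ts, mac))
        # Discard attempts that are older than the configured period.
        while window and ts - window[0][0] >= period:
            window.popleft()
        if len(window) > attempts:
            # Report the same three facts the manual lists for the MIB:
            # flood detected, attempt count, and the busiest client MAC.
            top_mac, top_count = Counter(m for _, m in window).most_common(1)[0]
            return {
                "flood_detected": True,
                "attempts": len(window),
                "top_client": top_mac,
                "top_client_attempts": top_count,
                "time": ts,
            }
    return None


def sample_events():
    """Constructed sample data: sparse normal logins, then one noisy client."""
    normal = [(float(t), "00:00:5e:00:53:01") for t in range(0, 60, 10)]
    # One client sending four authentication attempts per second from t=60.
    burst = [(60 + i * 0.25, "00:00:5e:00:53:aa") for i in range(20)]
    return sorted(normal + burst)


if __name__ == "__main__":
    print(detect_eapol_flood(sample_events(), attempts=10, period=5))
```

Running the same model over captured 802.1X authentication timestamps from normal operation helps pick `number` and `seconds` values that sit above legitimate reconnect bursts, such as many clients re-authenticating after an outage.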
