ZyXEL Communications UAG Series - Security Profile Example

ZyXEL Communications UAG Series

361 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

Chapter 7 Wireless LAN Profiles

UAG CLI Reference Guide

69

7.5.1 Security Profile Example

The following example creates a security profile with the name ‘SECURITY01’..

wpa-encrypt {tkip | aes | auto} Sets the WPA/WPA2 encryption cipher type.

auto: This automatically chooses the best available cipher based

on the cipher in use by the wireless client that is attempting to

make a connection.

tkip: This is the Temporal Key Integrity Protocol encryption

method added later to the WEP encryption protocol to further

secure. Not all wireless clients may support this.

aes: This is the Advanced Encryption Standard encryption

method, a newer more robust algorithm than TKIP Not all

wireless clients may support this.

wpa-psk {wpa_key | wpa_key_64} Sets the WPA/WPA2 pre-shared key.

[no] wpa2-preauth Enables pre-authentication to allow wireless clients to switch APs

without having to re-authenticate their network connection. The

RADIUS server puts a temporary PMK Security Authorization

cache on the wireless clients. It contains their session ID and a

pre-authorized list of viable APs.

Use the no parameter to disable this.

[no] reauth <30..30000> Sets the interval (in seconds) between authentication requests.

The default is 0.

idle <30..30000> Sets the idle interval (in seconds) that a client can be idle before

authentication is discontinued.

The default is 300.

group-key <30..30000> Sets the interval (in seconds) at which the AP updates the group

WPA/WPA2 encryption key.

The default is 1800.

[no] dot1x-eap Enables 802.1x secure authentication. Use the no parameter to

disable it.

eap {external | internal auth_method} Sets the 802.1x authentication method.

[no] server-auth <1..2> activate Activates server authentication. Use the no parameter to

deactivate.

server-auth <1..2> ip address ipv4_address

port <1..65535> secret secret

Sets the IPv4 address, port number and shared secret of the

RADIUS server to be used for authentication.

[no] server-auth <1..2> Clears the server authentication setting.

exit Exits configuration mode for this profile.

Table 21 Command Summary: Security Profile (continued)

COMMAND DESCRIPTION

Router(config)# wlan-security-profile SECURITY01

Router(config-security-profile)# mode wpa2

Router(config-security-profile)# wpa-encrypt aes

Router(config-security-profile)# wpa-psk 12345678

Router(config-security-profile)# idle 3600

Router(config-security-profile)# reauth 1800

Router(config-security-profile)# group-key 1800

Router(config-security-profile)# exit

Router(config)#

Table of Contents

Other manuals for ZyXEL Communications UAG Series

User Guide323 pages

Cli Reference Guide282 pages

Quick Start Guide2 pages

Related product manuals

Preview: ZyXEL Communications UAG4100

ZyXEL Communications UAG4100

Preview: ZyXEL Communications UAG2100

ZyXEL Communications UAG2100

Preview: ZyXEL Communications UAG5100

ZyXEL Communications UAG5100

Preview: ZYWALL USG 20

Preview: ZyWALL USG 50

Preview: ZYWALL USG CLI

Preview: ZyWall USG20-VPN

ZyWall USG20-VPN

Preview: ZyWALL USG100-Plus

ZyWALL USG100-Plus

Preview: ZyWALL USG 100 Series

ZyWALL USG 100 Series

Preview: USG-100@USG-200 - V2.20 ED 2

USG-100@USG-200 - V2.20 ED 2