June 30, 2006
Confidential
Document Number BDTM10001-A05 Standard
BelAir100 User Guide
Wireless Security
WPA1 Authentication
show arm<n> wpa1 [ssidx <ssid_index>]
set arm<n> wpa1 ( [{eap|psk <secret string>}]
[rekey {no|kpackets <count>|seconds <seconds>}]
[update {yes|no}] [ssidx <ssid_index>]
{enabled|disabled} )
These commands let you to manage WPA1 authentication.
Note: The syntax statement for the
set
command contains parentheses ( )
enclosing several parameters (for example,
rekey
,
update
or
ssidx
).
When you use this command, you must specify at least one of these
parameters and you must specify either
enabled
or
disabled
.
You can use WPA1 with a pre-shared key. This is suitable, but not
recommended for small networks. The pre-shared key must be between 8 and
63 bytes long. The longer the key, the more secure the connection. The
pre-shared key can be specified as a hexadecimal or ASCII string and must not
contain the following characters:
• exclamation mark (!)
• bar (|)
• semicolon (;)
• question mark (?)
• double quotation mark (“)
You can also use WPA1 with a RADIUS server by specifying
eap
instead of a
pre-shared key. In this case, at least one RADIUS server must be
pre-configured.
The
rekey
parameter allows you to specify Group Key Rekey options to
improve security. These options allow you to specify that a new group key (the
key that is used for communication between the access radio and a group of
clients) must be generated at regular intervals.
If
rekey
is set to
no
, then the group key is not changed. This is the default when
WPA1 is enabled. If
rekey
is set to n seconds, the group key is changed after
that time period. If
rekey
is set to n kpackets, the group key is changed after
that many thousand packets.
If
update
is set to
yes
, the group key changes immediately when one client
leaves the network. The default is
no
.
The
ssid_index
parameter must be a valid SSID index. The default value is 1.
CAUTION!
Re-keying is disabled when WEP is selected.