WPA Authentication
WPA/WPA2 PSK security
WPA/WPA2 EAP security (Station Mode)
WPA/WPA2 EAP security (AP Mode)
MAC Address Control List
characters.
Key Index: allows to specify the Index of the WEP Key used. 4 different WEP keys can be configured at the same time, but only one is
used. Effective key is set with a choice of 1, 2, 3 or 4.
WPA/WPA2
WPA - AES – enable WPA™ security mode with AES support only. Wi-Fi Protected Access - WPA™ (IEEE 802.11i/D3.0) with
pre-shared key management protocol offers improved security methods as they are new protocols that were created under the
802.11i standard to address weaknesses in the WEP approach.
WPA2 - AES – enable WPA2™ security mode with AES support only. Wi-Fi Protected Access 2 - WPA2™ (IEEE 802.11i) with
pre-shared key management protocol offers improved security methods as they are new protocols that were created under the
802.11i standard to address weaknesses in the WEP approach.
WPA Authentication: one of the following WPA™ key selection methods should be specified if WPA™ or
WPA2™ security method is used:
PSK – WPA™ or WPA2™ with Pre-shared Key method (selected by default).
EAP – WPA™ or WPA2™ with EAP (Extensible Authentication Protocol) IEEE
802.1x authentication method. This method is commonly used in Enterprise
networks.
WPA Pre-shared Key: the pass phrase for WPA™ or WPA2™ security method
should be specified if the Pre-shared Key method is selected. The pre-shared key
is an alpha-numeric password between 8 and 63 characters long.
EAP Authentication - Station Mode
WPA Identity: identification credential (also known as identity) used by the
supplicant for EAP authentication (applicable to STA and STA WDS modes
only).
WPA User Name: identification credential (also known as anonymous
identity) used by the supplicant for EAP tunneled authentication (EAP-TTLS)
in unencrypted form (applicable to STA and STA WDS modes only).
WPA User Password: password credential used by the supplicant for EAP authentication (applicable for STA and STA WDS modes
only).
EAP Authentication - AP Mode
Radius Server IP: specifies the RADIUS Server’s IP address. RADIUS is a
networking protocol providing centralized Authentication, Authorization, and
Accounting (AAA) management for computers in order to connect to, and
use a network service.
Radius Server Port: specifies the RADIUS Server’s UDP port. The most
commonly used port is 1812, but that depends on the RADIUS Server you
are using.
Radius Server Secret: specifies the password. A shared secret is a case-sensitive text string used to validate communications
between two RADIUS devices.
Note: When connecting devices in AP-WDS-to-AP-WDS mode, the WPA/WPA2 security methods will not function. When connecting
AP-WDS devices to another AP-WDS device use none or the WEP security method. However, this may compromise the security of your
network. In case of connecting STA-WDS clients to an AP-WDS device, all security methods are available and work properly.
MAC ACL
The maximum number of MAC ACL entries that can be managed trough the AirOS v5.3 Web GUI is 32 MAC addresses. In order to
manage more than 32 entries, read this guide (http://www.ubnt.com/wiki/index.php?title=MAC_ACL_Editing) , which explains how to
manage more MAC addresses modifying the configuration file.
MAC ACL: MAC Access Control List (ACL) provides ability to allow or deny certain
clients to connect to the AP (applicable to AP and AP WDS modes only).
MAC ACL can be enabled by selecting the Enabled checkbox.
There are two ways to set the Access Control List:
define certain wireless clients in the list that will have granted access to the Access
Point while the access will be denied for all the remaining clients - MAC ACL Policy
is set to Allow'.
define certain wireless clients in the list that will have denied access to the Access
Point while the access will be granted for all the remaining clients - MAC ACL
Policy is set to Deny.
The MAC addresses of the wireless clients can be added and removed to the list using the Add and Remove buttons.
Note: MAC Access Control is the weakest security approach. WPA™ or WPA2™ security methods should be used when possible.
AirOS 5.3 - Ubiquiti Wiki
http://www.ubnt.com/wiki/AirOS_5.3
14 van 34 14-4-2011 21:46
