This task is part of the network policy configuration
workflow. Use this task to configure the SSID AUTHENTICATION options for Enterprise
SSID authentication.
-
On the 2 Wireless page
for the policy, select Enterprise.
This option requires users to authenticate by entering a user name and
password, which the system checks against a RADIUS authentication
server.
-
Select the required Key Management
from the menu, or keep the default value.
Key
Management options:
- WPA3-802.1X uses 128-bit encryption and automatically
enables 802.11w Protected Management Frames, found in the
Advanced Access Security Settings section of
the Wireless Network configuration. If all wireless clients support
WPA3, it is a better choice than WPA2.
- WPA2-802.1X supports PMK caching and preauthentication
(WPA does not). If the wireless clients support WPA2, it is the better
choice over WPA. If you have a lot of legacy clients connecting to the
network, WPA2 is a good choice.
- WPA-802.1X does not support PMK caching or
preauthentication. However, if you know that all the clients that are
going to use this SSID were released before IEEE 802.11i was ratified in
2004 and only support WPA (not WPA2), this option allows the Extreme
Networks devices to support them.
The Encryption
Method is CCMP (AES).
Counter Mode-Cipher Block Chaining Message Authentication Code Protocol
(CCMP) uses AES (Advanced Encryption Standard) encryption. CCMP provides
message integrity by combining counter mode with CBC (cipher block chaining)
to produce a MAC (message authentication code).
-
Select SAVE.
