System Configuration
5-16
• MAC Authentication Table: Displays current entries in the local
MAC database.
802.1x Setup – IEEE 802.1x is a standard framework for network
access control that uses a central RADIUS server for user
authentication. This control feature prevents unauthorized access
to the network by requiring an 802.1x client application to submit
user credentials for authentication. The 802.1x standard uses the
Extensible Authentication Protocol (EAP) to pass user credentials
(either digital certificates, user names and passwords, or other)
from the client to the RADIUS server. Client authentication is then
verified on the RADIUS server before the access point grants
client access to the network.
The 802.1x EAP packets are also used to pass dynamic unicast
session keys and static broadcast keys to wireless clients.
Session keys are unique to each client and are used to encrypt
and correlate traffic passing between a specific client and the
access point. You can also enable broadcast key rotation, so the
access point provides a dynamic broadcast key and changes it at
a specified interval.
You can enable 802.1x as optionally supported or as required to
enhance the security of the wireless network.
• Disable: The access point does not support 802.1x
authentication for any wireless client. After successful
wireless association with the access point, each client is
allowed to access the network.
• Supported: The access point supports 802.1x authentication
only for clients initiating the 802.1x authentication process
(i.e., the access point does not initiate 802.1x authentication).
For clients initiating 802.1x, only those successfully
authenticated are allowed to access the network. For those
clients not initiating 802.1x, access to the network is allowed
after successful wireless association with the access point.
• Required: The access point enforces 802.1x authentication for