About configuring 802.1x wireless access points on a LAN Enforcer appliance
|Article:HOWTO81744|||||Created: 2012-10-25|||||Updated: 2014-09-21|||||Article URL http://www.symantec.com/docs/HOWTO81744|
The LAN Enforcer appliance supports a number of wireless protocols, which includes WEP 56, WEP 128, and WPA/WPA2 with 802.1x.
You can configure a LAN Enforcer to protect the wireless access point (AP) as much as it protects a switch if the following conditions are met:
The network includes a wireless LAN Enforcer appliance with 802.1x.
Wireless clients run a supplicant that supports one of these protocols.
The wireless AP supports one of these protocols.
For wireless connections, the authenticator is the logical LAN port on the wireless AP.
You configure a wireless AP for 802.1x and for switches in the same way. You include wireless APs to the LAN Enforcer settings as part of a switch profile. Wherever an instruction or part of the user interface refers to a switch, use the comparable wireless AP terminology. For example, if you are instructed to select a switch model, select the wireless AP model. If the vendor of the wireless AP is listed, select it for the model. If the vendor is not listed, choose.
The configuration for wireless AP for 802.1x and for switches include the following differences:
Only basic configuration is supported.
The transparent mode is not supported.
There can also be differences in support for VLANs, depending on the wireless AP.
Some dynamic VLAN switches may require you to configure the AP with multiple service set identifiers (SSIDs). Each SSID is associated with a VLAN.
See the documentation that comes with the dynamic VLAN switch.
Based on the wireless AP model that you use, you may want to use one of the following access control options instead of a VLAN:
Article URL http://www.symantec.com/docs/HOWTO81744