Tambarin CISCO

Haɗe-haɗe Mai Kula da Mara waya ta Matsalolin Samun damar shiga
Jagorar Mai Amfani

Abubuwan da ke ciki boye
1 Haɗe-haɗe Mai Kula da Mara waya ta Matsalolin Samun damar shiga
2 Hash-to-Element (H2E)
3 YANG (samfurin RPG)
4 Ana saita WPA3 SAE H2E
5 Tabbatar da Tallafin WPA3 SAE H2E a cikin WLAN
6 Takardu / Albarkatu
6.1 Magana

Haɗe-haɗe Mai Kula da Mara waya ta Matsalolin Samun damar shiga

CISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman BayanaiCISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman Bayanan Samun damar - figTaimako don Hash-to-Element don Abubuwan Kalmar wucewa a cikin Tabbatarwa na SAE

 

  • Hash-to-Element (H2E), shafi na 1
  • YANG (samfurin RPG), shafi na 1
  • Ana saita WPA3 SAE H2E, akan shafi na 2
  • Tabbatar da Tallafin WPA3 SAE H2E a cikin WLAN, a shafi na 4

Hash-to-Element (H2E)

Hash-to-Element (H2E) sabuwar hanya ce ta SAE Password Element (PWE). A wannan hanyar, sirrin PWE da aka yi amfani da shi a cikin ka'idar SAE yana samuwa daga kalmar sirri.
Lokacin da STA mai goyan bayan H2E ta fara SAE tare da AP, yana bincika ko AP tana goyan bayan H2E. Idan eh, AP tana amfani da H2E don samun PWE ta amfani da sabuwar ƙayyadaddun ƙimar Lambar Matsayi a cikin saƙon Saƙon SAE.
Idan STA ta yi amfani da Farauta-da-Pecking, duk musayar SAE ba ta canzawa.
Yayin amfani da H2E, an raba samuwar PWE zuwa abubuwan da suka biyo baya:

  • Samar da wani PT mai tsaka-tsakin sirri daga kalmar sirri. Ana iya yin wannan ba tare da layi ba lokacin da aka fara saita kalmar wucewa akan na'urar don kowace ƙungiya mai tallafi.
  • Samuwar PWE daga PT da aka adana. Wannan ya dogara da ƙungiyar da aka yi shawarwari da adireshin MAC na takwarorinsu. Ana yin wannan a ainihin lokacin yayin musayar SAE.

CISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman Bayanai - icon Lura

  • Hanyar H2E kuma ta haɗa da kariya daga hare-hare na mutum-na-tsakiyar Ƙungiya Downgrade. A yayin musayar SAE, ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun ƙwararrun suna musayar jerin sunayen ƙungiyoyin da aka ƙi. Kowane takwarorinsu yana kwatanta lissafin da aka karɓa tare da jerin ƙungiyoyin da aka goyan baya, kowane saɓani yana gano harin rage darajar kuma ya ƙare amincin.

YANG (samfurin RPG)

Don ƙirƙirar RPC don yanayin Sashe na Kalmar wucewa (PWE), yi amfani da ƙirar RPC mai zuwa:CISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman Bayanan Samun damar - fig1
CISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman Bayanai - icon Lura

Ayyukan sharewa yana yin aiki ɗaya a lokaci ɗaya saboda iyakancewar infra na yanzu. Wato, a cikin tsarin YANG, ba a tallafawa aikin sharewa akan nodes da yawa.

Ana saita WPA3 SAE H2E

Tsari Umurni ko Aiki Manufar
Mataki na 1 saita tasha
Exampda:
Na'ura# saita tashar tashar		 Yana shiga yanayin sanyi na duniya.
Mataki na 2 wan wan-name ya rasa SSID-suna Exampda:
Na'ura(config)# wan WPA3 1 WPA3		 Yana shigar da ƙananan yanayin tsarin WLAN.
Mataki na 3 babu tsaro wpa akm dot1x
Exampda:
Na'ura(config-wlan)# babu tsaro wpaakm dot1x		 Yana kashe tsaro AKM don dot1x.
Mataki na 4 babu tsaro ft kan-da-ds Exampda:
Na'ura(config-wlan)# babu tsaro ft over-the-ds		 Yana kashe saurin canji akan tushen bayanai akan WLAN.
Mataki na 5 babu tsaro ft Exampda:
Na'ura(config-wlan)# babu tsaro ft		 Yana kashe saurin 802.11r akan WLAN.
Mataki na 6 babu tsaro wpa wpa2 Exampda:
Na'ura(config-wlan)# babu tsaro wpa wpa2		 Yana kashe tsaro WPA2. An kashe PMF yanzu.
Mataki na 7 tsaro wpa wpa2 ciphers aes
Exampda:
Na'ura(config-wlan)# security wpa wpa2 ciphers aes		 Yana saita WPA2 cipher.
Lura Kuna iya bincika ko an saita cipher ta amfani da tsaro wpa wpa2 ciphers aes umurnin. Idan ba'a sake saita sifa ba, saita
sifa.
Mataki na 8 tsaro wpa psk saitin-key ascii ƙimar preshared-key Exampda:
Na'ura(config-wlan)# security wpa psk saiti-key ascii 0 Cisco123		 Yana ƙayyade maɓalli da aka riga aka rigaya.
Mataki na 9 tsaro wpa wpa3 Exampda:
Na'ura(config-wlan)# security wpa wpa3		 Yana kunna goyan bayan WPA3.
Mataki na 10 tsaro wpa akm sae Exampda:
Device(config-wlan)# security wpa akm sae		 Yana ba da damar tallafin AKM SAE.
Mataki na 11 tsaro wpa akm sae pwe {h2e | hnp | biyu-h2e-hnp}
Exampda:
Device(config-wlan)# security wpa akm sae pwe		 Yana ba da damar tallafin AKM SAE PWE.
PWE tana goyan bayan zaɓuɓɓuka masu zuwa:
• h2e-Hash-to-Element kawai; kashe Hnp.
hnp — Farauta da Pecking kawai; yana hana H2E.
Duk-h2e-hnp-Dukansu Hash-to-Element da Farauta da tallafin Pecking (Shin zaɓin tsoho).
Mataki na 12 babu kashewa Exampda:
Na'ura(config-wlan)# babu kashewa		 Yana kunna WLAN.
Mataki na 13 karshen Exampda:
Na'ura(config-wlan)# ƙare		 Ya dawo ga yanayin EXEC mai gata.

Tabbatar da Tallafin WPA3 SAE H2E a cikin WLAN

Zuwa view Abubuwan WLAN (hanyar PWE) bisa WLAN ID, yi amfani da umarni mai zuwa:

CISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman Bayanan Samun damar - fig2

CISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman Bayanan Samun damar - fig3
CISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman Bayanan Samun damar - fig4

Don tabbatar da ƙungiyar abokin ciniki waɗanda suka yi amfani da hanyar PWE azaman H2E ko Hnp, yi amfani da umarni mai zuwa:
CISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman Bayanan Samun damar - fig5
CISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman Bayanan Samun damar - fig6

CISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman Bayanan Samun damar - fig7
Zuwa view adadin amincin SAE ta amfani da H2E da HnP, yi amfani da umarni mai zuwa:

CISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman Bayanan Samun damar - fig8CISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman Bayanan Samun damar - fig9

Taimako don Hash-to-Element don Abubuwan Kalmar wucewa a cikin Tabbatarwa na SAETambarin CISCO

Takardu / Albarkatu

CISCO Haɗe-haɗe Mai Kula da Mara waya ta Mahimman Bayanai [pdf] Jagorar mai amfani
Haɗe-haɗen Mai sarrafa Wireless Mai Haɓaka Mahimman Bayanan Samun damar, Mara waya ta Mai Sarrafa Mahimmanci, Wuraren Samun damar Mai Gudanarwa, Matsakaicin Samun Mahimmanci, Wuraren Samun damar, Makiyoyi.

Magana

Bar sharhi

Ba za a buga adireshin imel ɗin ku ba. Ana yiwa filayen da ake buƙata alama *