logo CISCO

Hoʻokomo ʻia ka mea hoʻoponopono ʻole ʻole Catalyst Access Points
Ke alakaʻi hoʻohana

ʻIkepili huna
1 Hoʻokomo ʻia ka mea hoʻoponopono ʻole ʻole Catalyst Access Points
2 Hash-to-Element (H2E)
3 YANG (Kōhua RPC)
4 Ke hoʻonohonoho nei i ka WPA3 SAE H2E
5 Ke hōʻoia nei i ke kākoʻo WPA3 SAE H2E ma WLAN
6 Palapala / Punawai
6.1 Nā kuhikuhi

Hoʻokomo ʻia ka mea hoʻoponopono ʻole ʻole Catalyst Access Points

CISCO Embedded Wireless Controller Catalyst Access PointsCISCO Embedded Wireless Controller Catalyst Access Points - figKākoʻo no ka Hash-to-Element no ka hua'ōlelo Element ma SAE Authentication

 

  • Hash-to-Element (H2E), ma ka ʻaoʻao 1
  • YANG (RPC model), ma ka ʻaoʻao 1
  • Ke hoʻonohonoho nei i ka WPA3 SAE H2E, ma ka ʻaoʻao 2
  • Ke hōʻoia nei i ke kākoʻo WPA3 SAE H2E ma WLAN, ma ka ʻaoʻao 4

Hash-to-Element (H2E)

ʻO Hash-to-Element (H2E) kahi hana SAE Password Element (PWE) hou. Ma kēia ʻano, hana ʻia ka PWE huna i hoʻohana ʻia ma ka protocol SAE mai kahi ʻōlelo huna.
Ke hoʻomaka ka STA e kākoʻo iā H2E i ka SAE me kahi AP, nānā ʻo ia inā kākoʻo ʻo AP iā H2E. Inā ʻae, hoʻohana ka AP i ka H2E no ka loaʻa ʻana o ka PWE ma o ka hoʻohana ʻana i kahi waiwai Kūlana Kūlana hou i wehewehe ʻia ma ka memo SAE Commit.
Inā hoʻohana ʻo STA i ka Hunting-and-Pecking, ʻaʻole i loli ka hoʻololi holoʻokoʻa SAE.
ʻOiai e hoʻohana ana i ka H2E, ua māhele ʻia ka derivation PWE i nā ʻāpana aʻe:

  • ʻO ka loaʻa ʻana o kahi mea kikowaena huna PT mai ka ʻōlelo huna. Hiki ke hoʻokō ʻia kēia ma waho i ka wā i hoʻonohonoho mua ʻia ai ka ʻōlelo huna ma ka hāmeʻa no kēlā me kēia hui i kākoʻo ʻia.
  • ʻO ka loaʻa ʻana o ka PWE mai ka PT i mālama ʻia. Pili kēia i ka hui kūkākūkā a me nā helu MAC o nā hoa. Hana ʻia kēia i ka manawa maoli i ka wā o ka hoʻololi SAE.

CISCO Embedded Wireless Controller Catalyst Access Points - ikona Nānā

  • Hoʻokomo pū ʻia ke ʻano H2E i ka pale ʻana i ka hui Downgrade kanaka-i-ka-waena. I ka wā o ka hoʻololi SAE, hoʻololi nā hoa i nā papa inoa o nā hui i hōʻole ʻia i hoʻopaʻa ʻia i ka derivation PMK. Hoʻohālikelike kēlā me kēia hoa i ka papa inoa i loaʻa me ka papa inoa o nā pūʻulu i kākoʻo ʻia, ʻike ʻia kekahi ʻokoʻa i kahi hoʻouka iho a hoʻopau i ka hōʻoia.

YANG (Kōhua RPC)

No ka hana ʻana i RPC no ke ʻano SAE Password Element (PWE), e hoʻohana i kēia ʻano hoʻohālike RPC:CISCO Embedded Wireless Controller Catalyst Access Points - fig1
CISCO Embedded Wireless Controller Catalyst Access Points - ikona Nānā

Hana ka hana holoi i hoʻokahi hana i ka manawa ma muli o ka palena infra o kēia manawa. ʻO ia hoʻi, ma YANG module, ʻaʻole i kākoʻo ʻia ka hana holoi ʻana ma nā nodes he nui.

Ke hoʻonohonoho nei i ka WPA3 SAE H2E

Kaʻina hana Kauoha a hana paha Ke kumu
KaʻAnuʻu 1 hoʻonohonoho i ka pahu
Example:
Mea # hoʻonohonoho i ka pahu		 Hoʻokomo i ke ʻano hoʻonohonoho honua.
KaʻAnuʻu 2 wan wan-inoa waned SSID-inoa Example:
Mea hana(config)# wan WPA3 1 WPA3		 Hoʻokomo i ka sub-mode hoʻonohonoho WLAN.
KaʻAnuʻu 3 ʻaʻohe palekana wpa akm dot1x
Example:
Mea hana(config-wlan)# ʻaʻohe palekana wpaakm dot1x		 Hoʻopau i ka AKM palekana no dot1x.
KaʻAnuʻu 4 ʻaʻohe palekana ft over-the-ds Example:
Mea hana(config-wlan)# ʻaʻohe palekana ft over-the-ds		 Hoʻopau i ka hoʻololi wikiwiki ʻana ma luna o ke kumu ʻikepili ma WLAN.
KaʻAnuʻu 5 ʻaʻohe palekana ft Example:
Mea hana(config-wlan)# ʻaʻohe palekana ft		 Hoʻopau i ka hoʻololi wikiwiki 802.11r ma ka WLAN.
KaʻAnuʻu 6 ʻaʻohe palekana wpa wpa2 Example:
Mea hana(config-wlan)# ʻaʻohe palekana wpa wpa2		 Hoʻopau i ka palekana WPA2. Ua pio ʻo PMF i kēia manawa.
KaʻAnuʻu 7 palekana wpa wpa2 ciphers aes
Example:
Mea hana(config-wlan)# palekana wpa wpa2 ciphers aes		 Hoʻonohonoho i ka WPA2 cipher.
Hoʻomaopopo Hiki iā ʻoe ke nānā inā ua hoʻonohonoho ʻia ka cipher me ka hoʻohana ʻole i ka palekana wpa wpa2 ciphers aes kauoha. Inā ʻaʻole hoʻonohonoho hou ʻia ka cipher, hoʻonohonoho i ka
cipher.
KaʻAnuʻu 8 palekana wpa psk set-key ascii waiwai preshared-key Example:
Mea hana(config-wlan)# palekana wpa psk set-key ascii 0 Cisco123		 Hōʻike i kahi kī presaged.
KaʻAnuʻu 9 palekana wpa wpa3 Example:
Mea hana(config-wlan)# palekana wpa wpa3		 Hiki iā WPA3 ke kākoʻo.
KaʻAnuʻu 10 palekana wpa akm sae Example:
Mea hana(config-wlan)# palekana wpa akm sae		 Hiki iā AKM SAE ke kākoʻo.
KaʻAnuʻu 11 palekana wpa akm sae pwe {h2e | hnp | ʻelua-h2e-hnp}
Example:
Mea hana(config-wlan)# palekana wpa akm sae pwe		 Hiki iā AKM SAE PWE ke kākoʻo.
Kākoʻo ʻo PWE i kēia mau koho:
• h2e—Hash-to-Element wale nō; hoopau ia Hnp.
• hnp—Ka Huli a me ka Peku wale; hoʻopau i ka H2E.
• ʻelua-h2e-hnp—ʻO ke kākoʻo ʻo Hash-to-Element a me Hunting a me Pecking (ʻo ia ke koho paʻamau).
KaʻAnuʻu 12 ʻaʻohe pani Example:
Mea hana(config-wlan)# ʻaʻohe pani		 Hiki i ka WLAN.
KaʻAnuʻu 13 pau Example:
Mea hana(config-wlan)# hope		 Hoʻi i ke ʻano EXEC ponoʻī.

Ke hōʻoia nei i ke kākoʻo WPA3 SAE H2E ma WLAN

I ka view nā waiwai WLAN (PWE ala) e pili ana i ka WLAN ID, e hoʻohana i kēia kauoha:

CISCO Embedded Wireless Controller Catalyst Access Points - fig2

CISCO Embedded Wireless Controller Catalyst Access Points - fig3
CISCO Embedded Wireless Controller Catalyst Access Points - fig4

No ka hōʻoia ʻana i ka hui mea kūʻai aku i hoʻohana i ke ʻano PWE e like me H2E a i ʻole Hnp, e hoʻohana i kēia kauoha:
CISCO Embedded Wireless Controller Catalyst Access Points - fig5
CISCO Embedded Wireless Controller Catalyst Access Points - fig6

CISCO Embedded Wireless Controller Catalyst Access Points - fig7
I ka view ka helu o nā hōʻoia SAE e hoʻohana ana i ka H2E a me HnP, e hoʻohana i kēia kauoha:

CISCO Embedded Wireless Controller Catalyst Access Points - fig8CISCO Embedded Wireless Controller Catalyst Access Points - fig9

Kākoʻo no ka Hash-to-Element no ka hua'ōlelo Element ma SAE Authenticationlogo CISCO

Palapala / Punawai

CISCO Embedded Wireless Controller Catalyst Access Points [pdf] Ke alakaʻi hoʻohana
Hoʻokomo ʻia ka mea hoʻopono uʻi ʻole i nā kiʻi kiʻi kiʻi kiʻi kiʻi kiʻi kiʻi kiʻi kiʻi kiʻi.

Nā kuhikuhi

Waiho i kahi manaʻo

ʻAʻole e paʻi ʻia kāu leka uila. Hōʻailona ʻia nā kahua i makemake ʻia *