CISCO chiratidzo

Embedded Wireless Controller Catalyst Access Points
User Guide

Zviri mukati hide
1 Embedded Wireless Controller Catalyst Access Points
2 Hash-to-Element (H2E)
3 YANG (RPC modhi)
4 Kugadzirisa WPA3 SAE H2E
5 Kuongorora WPA3 SAE H2E Tsigiro muWLAN
6 Zvinyorwa / Zvishandiso
6.1 References

Embedded Wireless Controller Catalyst Access Points

CISCO Yakamisikidzwa Wireless Controller Catalyst Access PointsCISCO Embedded Wireless Controller Catalyst Access Points - figTsigiro yeHash-ku-Element yePasiwedhi Element muSAE Kusimbisa

 

  • Hash-to-Element (H2E), iri papeji 1
  • YANG (RPC modhi), pane peji 1
  • Kugadzirisa WPA3 SAE H2E, papeji 2
  • Kuongorora WPA3 SAE H2E Tsigiro muWLAN, papeji 4

Hash-to-Element (H2E)

Hash-to-Element (H2E) inzira itsva yeSAE Password Element (PWE). Nenzira iyi, yakavanzika PWE inoshandiswa muSAE protocol inogadzirwa kubva papassword.
Kana STA inotsigira H2E inotanga SAE neAP, inotarisa kana AP inotsigira H2E. Kana hongu, iyo AP inoshandisa H2E kutora iyo PWE nekushandisa ichangobva kutsanangurwa Status Code kukosha muSAE Commit meseji.
Kana STA inoshandisa Hunting-and-Pecking, iyo yose SAE exchange inoramba isina kuchinja.
Ndichiri kushandisa iyo H2E, iyo PWE inotorwa yakakamurwa kuita zvinotevera zvikamu:

  • Kutorwa kwechinhu chakavanzika chepakati PT kubva papassword. Izvi zvinogona kuitwa pasina indaneti kana password yatanga kugadzirwa pachishandiso cheboka rega rega rinotsigirwa.
  • Kutorwa kwePWE kubva kune yakachengetwa PT. Izvi zvinoenderana neboka rinotaurirana uye kero dzeMAC dzevezera. Izvi zvinoitwa munguva chaiyo-nguva panguva yeSAE exchange.

CISCO Embedded Wireless Controller Catalyst Access Points - icon Cherechedza

  • Iyo nzira yeH2E inosanganisirawo dziviriro kubva kuBoka Downgrade man-in-the-pakati kurwisa. Munguva yekutsinhana kweSAE, vezera vanotsinhana mazita emapoka akarambwa akasungirirwa muchikamu chePMK. Wezera wega wega anofananidza runyorwa rwakagamuchirwa nerunyorwa rwemapoka anotsigirwa, chero mutsauko unoona kurwiswa kwepasi uye unogumisa huchokwadi.

YANG (RPC modhi)

Kugadzira RPC yeSAE Password Element (PWE) modhi, shandisa inotevera RPC modhi:CISCO Embedded Wireless Controller Catalyst Access Points - fig1
CISCO Embedded Wireless Controller Catalyst Access Points - icon Cherechedza

Iyo yekudzima mashandiro anoita chiitiko chimwe panguva nekuda kweiyo infra miganho. Kureva kuti, muYANG module, iyo yekudzima mashandiro pane akawanda node haitsigirwe.

Kugadzirisa WPA3 SAE H2E

Maitiro Raira kana Chiito Chinangwa
Danho 1 gadzirisa terminal
Example:
Chishandiso# gadzirisa terminal		 Inopinda pasi rose configuration mode.
Danho 2 wan wan-zita rakaderera SSID-zita Example:
Mudziyo(config)# wan WPA3 1 WPA3		 Inopinda WLAN configuration sub-modhi.
Danho 3 hapana chengetedzo wpa akm dot1x
Example:
Chishandiso(config-wlan)# hapana chengetedzo wpaakm dot1x		 Inodzima kuchengetedza AKM ye dot1x.
Danho 4 hapana kuchengeteka ft pamusoro-the-ds Example:
Chishandiso(config-wlan)# hapana chengetedzo ft pamusoro-the-ds		 Inodzima kukurumidza kushandura pamusoro penzvimbo yedata paWLAN.
Danho 5 hapana security ft Example:
Chishandiso(config-wlan)# hapana chengetedzo ft		 Inodzima 802.11r inokurumidza shanduko paWLAN.
Danho 6 hapana chengetedzo wpa wpa2 Eksample:
Chishandiso(config-wlan)# hapana chengetedzo wpa wpa2		 Inodzima WPA2 kuchengetedza. PMF yakaremara ikozvino.
Danho 7 chengetedzo wpa wpa2 ciphers aes
Example:
Chishandiso(config-wlan)# chengetedzo wpa wpa2 ciphers aes		 Inogadzirisa WPA2 cipher.
Cherechedza Unogona kutarisa kana cipher yakagadziridzwa usinga chengetedze wpa wpa2 ciphers aes command. Kana cipher isina kusetwa patsva, gadzirisa iyo
cipher.
Danho 8 chengetedzo wpa psk set-kiyi ascii kukosha preshared-kiyi Eksample:
Mudziyo(config-wlan)# chengetedzo wpa psk set-kiyi ascii 0 Cisco123		 Inotsanangura kiyi yakafanotaurwa.
Danho 9 chengetedzo wpa wpa3 Eksample:
Chishandiso(config-wlan)# chengetedzo wpa wpa3		 Inogonesa WPA3 rutsigiro.
Danho 10 chengetedzo wpa akm se Example:
Mudziyo(config-wlan)# chengetedzo wpa akm sae		 Inogonesa AKM SAE rutsigiro.
Danho 11 chengetedzo wpa akm se pwe {h2e | hnp | zvose-h2e-hnp}
Example:
Mudziyo(config-wlan)# chengetedzo wpa akm sae pwe		 Inogonesa AKM SAE PWE rutsigiro.
PWE inotsigira zvinotevera sarudzo:
• h2e—Hash-to-Element chete; inodzima Hnp.
• hnp—Kuvhima uye Pecking chete; inodzima H2E.
• Both-h2e-hnp—Zvese Hash-to-Element uye Hunting uye Pecking rutsigiro (Ndiyo yakasarudzika sarudzo).
Danho 12 hapana kuvhara Example:
Chishandiso(config-wlan)# hapana kudzima		 Inogonesa iyo WLAN.
Danho 13 kupera Eksample:
Chishandiso(config-wlan)# kupera		 Inodzokera kune yakasarudzika EXEC modhi.

Kuongorora WPA3 SAE H2E Tsigiro muWLAN

To view iyo WLAN zvivakwa (PWE nzira) zvichibva paWLAN ID, shandisa murairo unotevera:

CISCO Embedded Wireless Controller Catalyst Access Points - fig2

CISCO Embedded Wireless Controller Catalyst Access Points - fig3
CISCO Embedded Wireless Controller Catalyst Access Points - fig4

Kuona mubatanidzwa wevatengi vakashandisa nzira yePWE seH2E kana Hnp, shandisa murairo unotevera:
CISCO Embedded Wireless Controller Catalyst Access Points - fig5
CISCO Embedded Wireless Controller Catalyst Access Points - fig6

CISCO Embedded Wireless Controller Catalyst Access Points - fig7
To view nhamba yeSAE yekusimbisa uchishandisa H2E neHnP, shandisa murairo unotevera:

CISCO Embedded Wireless Controller Catalyst Access Points - fig8CISCO Embedded Wireless Controller Catalyst Access Points - fig9

Tsigiro yeHash-ku-Element yePasiwedhi Element muSAE KusimbisaCISCO chiratidzo

Zvinyorwa / Zvishandiso

CISCO Yakamisikidzwa Wireless Controller Catalyst Access Points [pdf] Bhuku reMushandisi
Embedded Wireless Controller Catalyst Access Points, Wireless Controller Catalyst Access Points, Controller Catalyst Access Points, Catalyst Access Points, Access Points, Points.

References

Siya mhinduro

Yako email kero haizoburitswa. Nzvimbo dzinodiwa dzakamakwa *