Virtual Access Points Profiles

A Virtual Access Point Profile allows the administrator to pre-configure and save access point settings in a profile. VAP Profiles allows settings to be easily applied to new Virtual Access Points. Virtual Access Point Profiles are configured from the SonicPoint > Virtual Access Point page.

Topics:
Virtual Access Point Profile Settings
WPA-PSK / WPA2-PSK Encryption Settings
WPA-EAP / WPA2-EAP Encryption Settings
Shared/Both (WEP) Encryption Settings
Virtual Access Point Profile Settings

Virtual Access Point Profile Settings lists configuration parameters and descriptions for Virtual Access Point Profile Settings:

 

Virtual Access Point Profile Settings

Feature

Description

Name

Choose a friendly name for this VAP Profile. Choose something descriptive and easy to remember as you will later apply this profile to new VAPs.

Type

Set to SonicPoint by default. Retain this default setting if using SonicPoints as VAPs (currently the only supported radio type)

Authentication Type

Below is a list of available authentication types with descriptive features and uses for each:

WEP

Lower security
For use with older legacy devices, PDAs, wireless printers

WPA

Good security (uses TKIP)
For use with trusted corporate wireless clients
Transparent authentication with Windows log-in
No client software needed in most cases

WPA2

Best security (uses AES)
For use with trusted corporate wireless clients
Transparent authentication with Windows log-in
Client software install may be necessary in some cases
Supports 802.11i “Fast Roaming” feature
No backend authentication needed after first log-in (allows for faster roaming)

WPA2-AUTO

Tries to connect using WPA2 security, if the client is not WPA2 capable, the connection will default to WPA.

Unicast Cipher

The unicast cipher is chosen automatically based on the authentication type.

Multicast Cipher

The multicast cipher is chosen automatically based on the authentication type.

Maximum Clients

Choose the maximum number of concurrent client connections permissible for this virtual access point.
WPA-PSK / WPA2-PSK Encryption Settings

Pre-Shared Key (PSK) is available when using WPA or WPA2. This solution utilizes a shared key.

 

WPA-PSK / WPA2-PSK Encryption Settings

Feature

Description

Pass Phrase

The shared passphrase users enter when connecting with PSK-based authentication.

Group Key Interval

The time period for which a Group Key is valid. The default value is 86400 seconds.

NOTE: Setting too low of a value can cause connection issues.
WPA-EAP / WPA2-EAP Encryption Settings

Extensible Authentication Protocol (EAP) is available when using WPA or WPA2. This solution utilizes an external 802.1x/EAP-capable RADIUS server for key generation.

 

WPA-EAP / WPA2-EAP Encryption Settings

Feature

Description

RADIUS Server 1

The IP address or fully qualified domain name (FQDN) of your RADIUS authentication server.

RADIUS Server 1 Port

The port on which your RADIUS authentication server communicates with clients and network devices. The default is 1812.

RADIUS Server 1 Secret

The shared secret between the SonicWall and the RADIUS authentication server.

RADIUS Server 2

The IP address or fully qualified domain name (FQDN) of your backup RADIUS authentication server.

RADIUS Server 2 Port

The port on which your backup RADIUS authentication server communicates with clients and network devices. The default is 1812.

RADIUS Server 2 Secret

The secret passcode for your backup RADIUS authentication server.

Group Key Interval

The time period (in seconds) during which the WPA/WPA2 group key is enforced to be updated.
Shared/Both (WEP) Encryption Settings

WEP is provided for use with legacy devices that do not support the newer WPA/WPA2 encryption methods. This solution utilizes a shared key.

 

WEP Encryption Settings

Feature

Description

Encryption Key

Select the key to use for WEP connections to this VAP. WEP encryption keys are configured in the SonicPoint > SonicPoints page under SonicPoint Provisioning Profiles