5-53
Security
WIRED EQUIVALENT PRIVACY (WEP)
WEP provides a basic level of security, preventing unauthorized access to the
network, and encrypting data transmitted between wireless clients and the access
point. WEP uses static shared keys (fixed-length hexadecimal or alphanumeric
strings) that are manually distributed to all clients that want to use the network.
WEP is the security protocol initially specified in the IEEE 802.11 standard for
wireless communications. Unfortunately, WEP has been found to be seriously
flawed and cannot be recommended for a high level of network security. For
more robust wireless security, the access point provides Wi-Fi Protected Access
(WPA) for improved data encryption and user authentication.
Setting up shared keys enables the basic IEEE 802.11 Wired Equivalent Privacy
(WEP) on the access point to prevent unauthorized access to the network.
If you choose to use WEP shared keys instead of an open system, be sure to
define at least one static WEP key for user authentication and data encryption.
Also, be sure that the WEP shared keys are the same for each client in the wireless
network.
802.1x WPA-WPA2
Mixed Mode
Authentication: WPA-WPA2-mixed
Encryption: Enable
WPA Configuration: Required
Cipher Suite: TKIP
802.1x: Required
Set 802.1x key refresh and re authentication rates
Local or Disabled Yes
WPA-WPA2 Mixed
Mode Pre-Shared Key
Authentication: WPA-WPA2-PSK-mixed
Encryption: Enable
WPA Configuration: Required
Cipher Suite: TKIP
802.1x: Disable
WPA Pre-shared Key Type: Hexadecimal or
Alphanumeric
Enter a WPA Pre-shared key
Local or Disabled No
a The configuration summary does not include the set up for MAC authentication (see page 5-10) or
RADIUS server (see page 5-8).
b The configuration of RADIUS MAC authentication together with 802.1x WPA or WPA Pre-shared
Key is not supported.
c RADIUS server required only when RADIUS MAC authentication is configured.
Client Security
Combination
Configuration Summary
a
MAC
Authentication
b
RADIUS
Server
NOTE: If you choose to configure RADIUS MAC authentication together with
802.1X, the RADIUS MAC address authentication occurs prior to 802.1X
authentication. Only when RADIUS MAC authentication succeeds is 802.1X
authentication performed. When RADIUS MAC authentication fails, 802.1X
authentication is not performed.