Filter
Top Products
AT-TQ2403 Management Software User's Guide 73
Field Description
Cipher Suites Select the cipher suite you want to use:
TKIP
CCMP (AES)
Both
Temporal Key Integrity Protocol (TKIP) is the default.
TKIP: It provides a more secure encryption solution than WEP keys. The
TKIP process more frequently changes the encryption key used and better
ensures that the same key will not be re-used to encrypt data (a weakness of
WEP). TKIP uses a 128-bit "temporal key" shared by clients and access points.
The temporal key is combined with the client's MAC address and a 16-octet
initialization vector to produce the key that will encrypt the data. This
ensures that each client station uses a different key to encrypt data. TKIP uses
RC4 to perform the encryption, which is the same as WEP. But TKIP changes
temporal keys every 10,000 packets and distributes them, thereby greatly
improving the security of the network.
CCMP (AES): Counter mode/CBC-MAC Protocol (CCMP) is an
encryption method for IEEE 802.11i that uses the Advanced Encryption
Algorithm (AES). It uses a CCM combined with Cipher Block Chaining
Counter mode (CBC-CTR) and Cipher Block Chaining Message
Authentication Code (CBC-MAC) for encryption and message integrity.
Both: If you select both TKIP and CCMP(AES), Pairwise cipher is AES and
Groupwise cipher is TKIP. Pairwise cipher is used for unicast traffic and
Groupwise cipher is used for multicast/ broadcast traffic. Both TKIP and AES
clients can associate with the access point. WPA clients must have one of the
following to be able to associate with the AP:
A valid TKIP key
A valid CCMP (AES) key
Clients not configured to use a WPA Personal will not be able to associate
with AP.
Key The Pre-shared Key is the shared secret key for WPA Personal. Enter a string
of at least 8 characters to a maximum of 63 characters.
WPA Enterprise
Wi-Fi Protected Access Enterprise with Remote Authentication Dial-In User Service (RADIUS) is an
implementation of the Wi-Fi Alliance IEEE 802.11i standard, which includes Advanced Encryption
Standard (AES), Counter mode/CBC-MAC Protocol (CCMP), and Temporal Key Integrity Protocol
(TKIP) mechanisms. The Enterprise mode requires the use of a RADIUS server to authenticate users,
and configuration of user accounts via the User Management tab.
This security mode is backwards-compatible with wireless clients that support the original WPA. When
configuring WPA Enterprise mode, you have a choice of whether to use the built-in RADIUS server or
an external RADIUS server that you provide. The AT-TQ2403 Management Software built-in RADIUS
server supports Protected EAP (PEAP) and MSCHAP V2.
If you selected WPA Enterprise security mode, provide the following: