Symbol Technologies WS 2000 Switch User Manual


 
WS 2000 Wireless Switch System Reference Guide5-12
4. Specify a time period in seconds for broadcasting encryption-key changes to mobile units. Set key broadcasts to a
shorter time interval (at least 300 seconds) for tighter security on this WLAN’s wireless connections. Set key broadcasts
to a longer time interval (at most, 200,000 seconds) to relax security on wireless connections.
5. Select either the ASCII Passphrase or the 256-bit Key radio button.
6. If ASCII Passphrase is selected, specify a 8 to 63 character ASCII string. The ASCII string allows character spaces.
The switch converts the string to a numeric value.
7. To use the 256-bit Key option, enter 16 hexadecimal characters into each of four fields.
8. WPA2-CCMP Mixed Mode enables WPA2-CCMP and WPA-TKIP Clients to operate simultaneously on the network.
Enabling this option allows backwards compatibility for clients that support WPA-TKIP but do not support WPA2-CCMP.
9. The Fast Roaming area provides two fields. Enabling Pre-Authentication enables a client associated with one
Access Port to carry out an 802.1x authentication with another Access Port before it roams over to it. The WS 2000
switch will cache the keying information of the client until it roams to the new Access Port. This enables the roaming
the client to start sending and receiving data sooner by not having to do 802.1x authentication after it roams. Enabling
Opportunistic Key Caching allows the switch to use a Pairwise Master Key (PMK) derived with a client on one
Access Port with the same client when it roams over to another Access Port. Upon roaming the client does not have to
do 802.1x authentication and can start sending/receiving data sooner.
10. Click the Ok button to return to the WLAN security screen.
11. Click the Apply button on the WLAN Security screen to save changes.
KeyGuard
KeyGuard is a proprietary encryption method developed by Symbol Technologies. KeyGuard is Symbol’s enhancement to
WEP encryption and can work with any WEP device. This encryption method rotates WEP keys for devices that support the
method. This encryption implementation is based on the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11i.
1. Select the KeyGuard radio button to enable the KeyGuard encryption method.
2. To use KeyGuard encryption with the No
Authentication selection, click the MCM Key
Settings button to display a sub-screen for entering
keys. (Note that these are the same keys specified
for WEP encryption.
3. Select a Key # radio button to enter to enter or
change a passkey.
4. Specify a pass key string in the Pass Key field. The
pass key can be any alphanumeric string. The
switch, other proprietary routers, and Symbol cards
in mobile units (MUs) use an algorithm to convert an
ASCII string to the same hexadecimal number, but this conversion is not required for a wireless connection.
5. Click the Generate button and the pass key will be entered in the appropriate Key # field.
6. When finished entering pass keys, click the Ok button to close this screen.
7. Click the Apply button on the WLAN Security screen to save changes.
No Encryption
If No Authentication is selected, the No Encryption radio button can disable encryption on this WLAN. If security is not
an issue, this setting avoids the overhead that an encryption protocol demands on the switch’s processor.