Accton Wireless Broadband Corp. FIU176205000W Manual De Usuario
System Configuration
5-30
5
- WPA Enterprise or WPA2 Enterprise:
The WPA Enterprise mode uses IEEE
802.1X as its basic framework for user
authentication and dynamic key
management. IEEE 802.1X access security uses Extensible Authentication
Protocol (EAP) and requires a configured RADIUS authentication server to be
accessible in the enterprise network. If you select WPA or WPA2 Enterprise
mode, be sure to configure the RADIUS settings. See “RADIUS” on page 5-32
for more information.
802.1X as its basic framework for user
authentication and dynamic key
management. IEEE 802.1X access security uses Extensible Authentication
Protocol (EAP) and requires a configured RADIUS authentication server to be
accessible in the enterprise network. If you select WPA or WPA2 Enterprise
mode, be sure to configure the RADIUS settings. See “RADIUS” on page 5-32
for more information.
- WPA/WPA2 Personal: The WPA/
WPA2 Personal Mode allows both
WPA and WPA2 clients to join the
network. The WPA Preshared Key can
be input as ASCII string (8-63
characters) or Hexadecimal format (length is 64). All wireless clients must be
configured with the same key to communicate with the VAP interface.
WPA and WPA2 clients to join the
network. The WPA Preshared Key can
be input as ASCII string (8-63
characters) or Hexadecimal format (length is 64). All wireless clients must be
configured with the same key to communicate with the VAP interface.
- WPA/WPA2 Enterprise: Defines a
transitional mode of operation for
networks moving from WPA security to
WPA2. WPA/WPA2 Enterprise Mode
allows both WPA and WPA2 clients to
associate to a common SSID interface. In WPA/WPA2 mixed mode, the unicast
encryption cipher (TKIP or AES-CCMP) is negotiated for each client. The access
point advertises its supported encryption ciphers in beacon frames and probe
responses. WPA and WPA2 clients select the cipher they support and return the
choice in the association request to the access point. For mixed-mode operation,
the cipher used for broadcast frames is always TKIP. WEP encryption is not
allowed.
networks moving from WPA security to
WPA2. WPA/WPA2 Enterprise Mode
allows both WPA and WPA2 clients to
associate to a common SSID interface. In WPA/WPA2 mixed mode, the unicast
encryption cipher (TKIP or AES-CCMP) is negotiated for each client. The access
point advertises its supported encryption ciphers in beacon frames and probe
responses. WPA and WPA2 clients select the cipher they support and return the
choice in the association request to the access point. For mixed-mode operation,
the cipher used for broadcast frames is always TKIP. WEP encryption is not
allowed.
• Encryption Type – Selects the data encryption type to use. (Default: determined
by the Authentication Mode selected)
- None: Disables data encryption.
- WEP: Selects WEP keys for data
- None: Disables data encryption.
- WEP: Selects WEP keys for data
encryption.
- TKIP: Uses Temporal Key Integrity
Protocol (TKIP) keys for encryption. WPA specifies TKIP as the data encryption
method to replace WEP. TKIP avoids the problems of WEP static keys by
dynamically changing data encryption keys.
method to replace WEP. TKIP avoids the problems of WEP static keys by
dynamically changing data encryption keys.
- AES: Uses Advanced Encryption Standard (AES) keys for encryption. WPA2
uses AES Counter-Mode encryption with Cipher Block Chaining Message
Authentication Code (CBC-MAC) for message integrity. The AES
Counter-Mode/CBCMAC Protocol (AES-CCMP) provides extremely robust data
confidentiality using a 128-bit key. Use of AES-CCMP encryption is specified as
a standard requirement for WPA2. Before implementing WPA2 in the network,
be sure client devices are upgraded to WPA2-compliant hardware.
Authentication Code (CBC-MAC) for message integrity. The AES
Counter-Mode/CBCMAC Protocol (AES-CCMP) provides extremely robust data
confidentiality using a 128-bit key. Use of AES-CCMP encryption is specified as
a standard requirement for WPA2. Before implementing WPA2 in the network,
be sure client devices are upgraded to WPA2-compliant hardware.