Cisco Cisco WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch 관리 매뉴얼
Wireless
Networks
Cisco WAP131 and WAP351 Administration Guide
94
5
If the network has a mix of clients, some of which support WPA2 and others
which support only the original WPA, select both of the check boxes. This
setting lets both WPA and WPA2 client stations associate and authenticate,
but uses the more robust WPA2 for clients who support it. This WPA
configuration allows more interoperability in place of some security.
which support only the original WPA, select both of the check boxes. This
setting lets both WPA and WPA2 client stations associate and authenticate,
but uses the more robust WPA2 for clients who support it. This WPA
configuration allows more interoperability in place of some security.
WPA clients must have one of these keys to be able to associate with the
WAP device:
WAP device:
-
A valid TKIP key
-
A valid AES-CCMP key
•
Key—The shared secret key for WPA Personal security. Enter a string of at
least 8 characters to a maximum of 63 characters. Acceptable characters
include uppercase and lowercase alphabetic letters, the numeric digits, and
special symbols such as @ and #.
least 8 characters to a maximum of 63 characters. Acceptable characters
include uppercase and lowercase alphabetic letters, the numeric digits, and
special symbols such as @ and #.
•
Show Key as Clear Text—When enabled, the text you type is visible. When
disabled, the text is not masked as you enter it.
disabled, the text is not masked as you enter it.
•
Key Strength Meter—The WAP device checks the key against complexity
criteria such as how many different types of characters (uppercase and
lowercase alphabetic letters, numbers, and special characters) are used
and how long the string is. If the WPA-PSK complexity check feature is
enabled, the key is not accepted unless it meets the minimum criteria. See
criteria such as how many different types of characters (uppercase and
lowercase alphabetic letters, numbers, and special characters) are used
and how long the string is. If the WPA-PSK complexity check feature is
enabled, the key is not accepted unless it meets the minimum criteria. See
for information on configuring the complexity check.
•
Broadcast Key Refresh Rate—The interval at which the broadcast (group)
key is refreshed for clients associated with this VAP. The default is 300
seconds and the valid range is from 0 to 86400 seconds. A value of 0
indicates that the broadcast key is not refreshed.
key is refreshed for clients associated with this VAP. The default is 300
seconds and the valid range is from 0 to 86400 seconds. A value of 0
indicates that the broadcast key is not refreshed.
WPA Enterprise
WPA Enterprise with RADIUS is an implementation of the Wi-Fi Alliance IEEE
802.11i standard, which includes CCMP (AES), and TKIP encryption. The
Enterprise mode requires the use of a RADIUS server to authenticate the users.
802.11i standard, which includes CCMP (AES), and TKIP encryption. The
Enterprise mode requires the use of a RADIUS server to authenticate the users.
This security mode is backwards-compatible with the wireless clients that
support the original WPA.
support the original WPA.
The dynamic VLAN mode is enabled by default, which allows the RADIUS
authentication server to decide which VLAN is used for the stations.
authentication server to decide which VLAN is used for the stations.