Cisco Cisco Aironet 340 Ethernet Bridges Guia Do Utilizador
4 - 10 Aironet 340 Series Bridge
The “Encryption” value may also be set to “mixed’. In this mode a root
or repeater bridge will accept association from clients that have encryp-
tion turned on or off. In this case only data packets between nodes that
both support it will be encrypted. Multicast packets will be sent in the
clear so that all nodes may see them.
or repeater bridge will accept association from clients that have encryp-
tion turned on or off. In this case only data packets between nodes that
both support it will be encrypted. Multicast packets will be sent in the
clear so that all nodes may see them.
CAUTION
: We do not recommend the use of “mixed” mode. If a client with
encryption enabled sends a multicast packet to its parent, the packet will
be encrypted. The parent will then decrypt the packet and re-transmit it in
the clear to the cell for the other nodes to see. Seeing a packet in both
encrypted and un-encrypted form can greatly aid in breaking a key. This
mode is only included for compatibility with other vendors.
be encrypted. The parent will then decrypt the packet and re-transmit it in
the clear to the cell for the other nodes to see. Seeing a packet in both
encrypted and un-encrypted form can greatly aid in breaking a key. This
mode is only included for compatibility with other vendors.
The 802.11 protocol specifies a procedure in which a client must authen-
ticate with a parent before it can associate. The “open” method of
authentication is essentially a null operation. All clients will be allowed
to authenticate. With the “shared key” the parent send the client a chal-
lenge text which the client encrypts and sends back to the parent. If the
parent can de-crypt it correctly the client is authenticated.
ticate with a parent before it can associate. The “open” method of
authentication is essentially a null operation. All clients will be allowed
to authenticate. With the “shared key” the parent send the client a chal-
lenge text which the client encrypts and sends back to the parent. If the
parent can de-crypt it correctly the client is authenticated.
CAUTION
: With the “shared-key” mode, since a clear text and encrypted
version of the same data is transmitted on the air, we again do not recom-
mend its use. It does not really gain you anything, since if the user’s key
is wrong the unit will not be able to de-crypt any of his packets and they
cannot gain access to the network.
mend its use. It does not really gain you anything, since if the user’s key
is wrong the unit will not be able to de-crypt any of his packets and they
cannot gain access to the network.
The “Client” option determines the authentication mode that the client
nodes are allowed to use to associate to the unit. The values allowed are
“open”, “shared-key”, or “both”.
nodes are allowed to use to associate to the unit. The values allowed are
“open”, “shared-key”, or “both”.
The “Auth” is used on repeater bridges to determine which authentica-
tion mode the unit will use to connect with its parent. The allowed val-
ues are “open” or “shared-key”.
tion mode the unit will use to connect with its parent. The allowed val-
ues are “open” or “shared-key”.