Authenticated Key Management; Encryption Methods - Cisco 7925G Administration Manual

Unified wireless ip phone

Hide thumbs Also See for 7925G:

Administration manual (244 pages)

User manual (176 pages)

Deployment manual (150 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

Table of Contents

VoIP Wireless Network

Auto (AKM)

This section describes the following concepts:

•

Authenticated Key Management

The following authentication schemes use the RADIUS server to manage authentication keys:

Wi-Fi Protected Access (WPA)

Cisco Centralized Key Management (CCKM)

With WPA and CCKM, encryption keys are not entered on the phone, but are automatically derived between

the AP and phone. The EAP username and password that are used for authentication must be entered on each

phone.

Authenticated key management supports WPA/WPA2-PSK and WPA/WPA2/802.1x+WEP utilizing LEAP

for the EAP type. CCKM can optionally be used with WPA/WPA2/802.1x+WEP mode.

Encryption Methods

To ensure that voice traffic is secure, the Cisco Unified Wireless IP Phone supports WEP, TKIP, and Advanced

Encryption Standards (AES) for encryption. When using these mechanisms for encryption, both the signaling

Skinny Client Control Protocol (SCCP) packets and voice Real-Time Transport Protocol (RTP) packets are

encrypted between the AP and the wireless IP phone.

WEP

Selects the 802.11 Authentication mechanism automatically from the configuration information exhibited

by the AP. Supports WPA/WPA2-PSK or LEAP with 802.1x+WEP or WPA/WPA2.

Authenticated Key Management, on page 41

Encryption Methods, on page 41

Uses information on a RADIUS server to generate unique keys for authentication. Because these keys

are generated at the centralized RADIUS server and are not saved on the phone or AP, WPA provides

more security than WPA Pre-Shared Key (WPA PSK). WPA2 provides more security than WPA.

Uses information on a RADIUS server and a wireless domain server (WDS) to manage and authenticate

keys. The WDS creates a cache of security credentials for CCKM-enabled client devices for fast and

secure reauthentication.

When using WEP in the wireless network, authentication happens at the AP by using open or shared-key

authentication. The WEP key that is set up on the phone must match the WEP key that is configured

at the AP for successful connections. The Cisco Unified Wireless IP Phone supports WEP keys that

use 40-bit encryption or a 128-bit encryption and remain static on the phone and AP.

EAP and CCKM authentication can use WEP keys for encryption. The RADIUS server manages the

WEP key and passes a unique key to the AP after authentication for encrypting all voice packets;

consequently, these WEP keys can change with each authentication.

Cisco Unified Wireless IP Phone 7925G, 7925G-EX, and 7926G Administration Guide

Authenticated Key Management

Table of Contents

This manual is also suitable for:

7925g-ex 7926g

Authenticated Key Management; Encryption Methods - Cisco 7925G Administration Manual

Authenticated Key Management

Encryption Methods

Related Manuals for Cisco 7925G

Related Content for Cisco 7925G

This manual is also suitable for:

Table of Contents