Wi-Fi Protected Access (Wpa) - Nortel 120 Using Manual

Business access point

Hide thumbs Also See for 120:

Quick install manual (2 pages)

Release note (10 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

Table of Contents

100 System conﬁguration management

Encryption—Enable or disable the access point to use data encryption

(WEP, TKIP, or AES). If this option is selected when using static WEP keys,

you must conﬁgure at least one key on the access point and all clients.

(Default: Disabled)

Wi-Fi Protected Access (WPA)

WPA employs a combination of several technologies to provide an enhanced

security solution for 802.11 wireless networks.

The access point supports the following WPA components and features:

IEEE 802.1X and the Extensible Authentication Protocol (EAP):

WPA employs 802.1X as its basic framework for user authentication

and dynamic key management. The 802.1X client and RADIUS server

must use an appropriate EAP type—such as EAP-TLS (Transport Layer

Security), EAP-TTLS (Tunneled TLS), or PEAP (Protected EAP)—for

strongest authentication. Working together, these protocols provide mutual

authentication between a client, the access point, and a RADIUS server that

prevents users from accidentally joining a rogue network. Only when a

RADIUS server has authenticated a user's credentials are encryption keys

sent to the access point and client.

Temporal Key Integrity Protocol (TKIP): WPA speciﬁes TKIP as the data

encryption method to replace WEP. TKIP avoids the problems of WEP static

keys by dynamically changing data encryption keys. Basically, TKIP starts

with a master (temporal) key for each user session and then mathematically

generates other keys to encrypt each data packet. TKIP provides further

data encryption enhancements by including a message integrity check for

each packet and a rekeying mechanism, which periodically changes the

master key.

WPA Preshared Key Mode (WPA-PSK, WPA2-PSK): For enterprise

deployment, WPA requires a RADIUS authentication server to be conﬁgured

on the wired network. However, for small ofﬁce networks that do not have

the resources to conﬁgure and maintain a RADIUS server, WPA provides

a simple operating mode that uses just a preshared password for network

access. The Pre-Shared Key mode uses a common password for user

authentication that is manually entered on the access point and all wireless

clients. The PSK mode uses the same TKIP packet encryption and key

management as WPA in the enterprise, providing a robust and manageable

alternative for small networks.

Note: You must enable data encryption through the Web to enable all

types of encryption (WEP, TKIP, or AES) in the access point.

Note: To implement WPA on wireless clients requires a WPA-enabled

network card driver and 802.1X client software that supports the EAP

authentication type that you want to use. Windows XP provides native

WPA support, other systems require additional software.

Using the Nortel Business Access Point 120

NN47921-301 01.01 Standard

1.0 August 2006

BAP120

Nortel Networks Conﬁdential

Table of Contents

Show Quick Links

Quick Links:
Conﬁguring the Network

Hide quick links:

Table of Contents

Wi-Fi Protected Access (Wpa) - Nortel 120 Using Manual

Wi-Fi Protected Access (WPA)

Hide quick links:

Troubleshooting

Related Manuals for Nortel 120

Related Content for Nortel 120

Table of Contents