Dynamic Wep Key Exchange - ZyXEL Communications MWR102 User Manual

Dynamic WEP Key Exchange

The AP maps a unique key that is generated with the RADIUS server. This key expires when the
wireless connection times out, disconnects or reauthentication times out. A new WEP key is
generated each time reauthentication is performed.
If this feature is enabled, it is not necessary to configure a default encryption key in the Wireless
screen. You may still configure and store keys here, but they will not be used while Dynamic
WEP is enabled.
Note: EAP-MD5 cannot be used with dynamic WEP key exchange
For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use
dynamic keys for data encryption. They are often deployed in corporate environments, but for
public deployment, a simple user name and password pair is more practical. The following table
is a comparison of the features of authentication types.
Table 39 Comparison of EAP Authentication Types
Mutual Authentication
Certificate – Client
Certificate – Server
Dynamic Key Exchange
Credential Integrity
Deployment Difficulty
Client Identity Protection
EAP-MD5 EAP-TLS
No Yes
No Yes
No Yes
No Yes
None Strong
Easy Hard
No No
EAP-TTLS PEAP
Yes Yes
Optional Optional
Yes Yes
Yes Yes
Strong Strong
Moderate Moderate
Yes Yes
136
LEAP
Yes
No
No
Yes
Moderate
Moderate
No