Chapter 4
Security Setup
Figure 4-3
•
Figure 4-4
•
OL-2159-03
Sequence for MAC-Based Authentication
Client
device
1. Authentication request
2. Identity request
3. MAC address
(relay to client)
Open—Allows any device to authenticate and then attempt to communicate
with the access point. Using open authentication, any wireless device can
authenticate with the access point, but the device can only communicate if its
WEP keys match the access point's. Devices not using WEP do not attempt
to authenticate with an access point that is using WEP. Open authentication
does not rely on a RADIUS server on your network.
Figure 4-4
shows the authentication sequence between a device trying to
authenticate and an access point using open authentication. In this example,
the device's WEP key does not match the access point's key, so it can
authenticate but not pass data.
Sequence for Open Authentication
Access point
or bridge
with WEP key = 123
1. Authentication request
2. Authentication response
Shared key—Cisco provides shared key authentication to comply with the
IEEE 802.11b standard. However, because of shared key's security flaws, we
recommend that you avoid using it.
Cisco Aironet 1200 Series Access Point Software Configuration Guide
Wired LAN
Access point
or bridge
(relay to server)
4. Successful authentication
Security Overview
Server
Client device
with WEP key = 321
4-7