Ieee 802.1X; Figure 10. Providing A Wireless Client With A Wep Key - D-Link DWL-3500AP - AirPremier Wireless Switching 108G Access Point Administrator's Manual

4 Configuring Access Point Security
For this example, the administrator sets WEP key 3 in the wireless network properties of a
Windows client.

Figure 10. Providing a Wireless Client with a WEP Key

Additional wireless clients also need to have one of the WEP keys defined on the AP. The
administrator can assign the same WEP key that the first client has, or the administrator can
give the second station a different WEP key (key 2, for example) so that the two stations
cannot decrypt each other's transmissions.

IEEE 802.1X

IEEE 802.1X is the standard defining port-based authentication and infrastructure for doing
key management. Extensible Authentication Protocol (EAP) messages are sent over an IEEE
802.11 wireless network using a protocol called EAP Encapsulation Over LANs (EAPOL).
IEEE 802.1X provides dynamically-generated keys that are periodically refreshed. An RC4
stream cipher is used to encrypt the frame body and perform a cyclic redundancy check (CRC)
on each 802.11 frame.
This mode requires the use of an external RADIUS server to authenticate users. The access
point requires a RADIUS server capable of EAP, such as the Microsoft Internet
Authentication Server. To work with Windows clients, the authentication server must support
Protected EAP (PEAP) and MSCHAP V2.
You can use any of a variety of authentication methods that the IEEE 802.1X mode supports,
including certificates, Kerberos, and public key authentication. You must configure the client
stations to use the same authentication method the access point uses.
Configuring Virtual Access Point Security 49