Cisco WAP371 Administration Manual page 78

Cisco wireless-ac/n dual radio access point with single point setup

Hide thumbs Also See for WAP371:

Quick start manual (38 pages)

Manual (5 pages)

Manual (4 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

page of 166

/ 166
Contents
Table of Contents
Bookmarks

Table of Contents

Wireless

Networks

Cisco Small Business WAP371 Wireless Access Point Administration Guide

Both Open System and Shared Key. When you select both authentication

algorithms, client stations configured to use WEP in shared key mode must have a

valid WEP key in order to associate with the WAP device. Also, client stations

configured to use WEP as an open system (shared key mode not enabled) can

associate with the WAP device even if they do not have the correct WEP key.

Static WEP Rules

If you use Static WEP, these rules apply:

•

All client stations must have the Wireless LAN (WLAN) security set to WEP, and all

clients must have one of the WEP keys specified on the WAP device in order to decode

AP-to-station data transmissions.

•

The WAP device must have all keys used by clients for station-to-AP transmit so that it

can decode the station transmissions.

•

The same key must occupy the same slot on all nodes (AP and clients). For example, if

the WAP device defines abc123 key as WEP key 3, then the client stations must define

that same string as WEP key 3.

•

Client stations can use different keys to transmit data to the access point. (Or they can

all use the same key, but using the same key is less secure because it means one station

can decrypt the data being sent by another.)

•

On some wireless client software, you can configure multiple WEP keys and define a

client station transfer key index, and then set the stations to encrypt the data they

transmit using different keys. This ensures that neighboring access points cannot

decode other access point transmissions.

•

You cannot mix 64-bit and 128-bit WEP keys between the access point and its client

stations.

Dynamic WEP

Dynamic WEP refers to the combination of 802.1x technology and the Extensible

Authentication Protocol (EAP). With Dynamic WEP security, WEP keys are changed

dynamically.

EAP messages are sent over an IEEE 802.11 wireless network using a protocol called EAP

Encapsulation Over LANs (EAPOL). IEEE 802.1X provides dynamically generated keys that

are periodically refreshed. An RC4 stream cipher is used to encrypt the frame body and cyclic

redundancy checking (CRC) of each 802.11 frame.

This mode requires the use of an external RADIUS server to authenticate users. The WAP

device requires a RADIUS server that supports EAP, such as the Microsoft Internet

Authentication Server. To work with Microsoft Windows clients, the authentication server

must support Protected EAP (PEAP) and MSCHAP V2.

Table of Contents

Show Quick Links

Quick Links:
Starting the Web-Based Configuration Utility
Using the Access Point Setup Wizard
Networks

Hide quick links:

Table of Contents

Cisco WAP371 Administration Manual page 78

Hide quick links:

Related Manuals for Cisco WAP371

Related Products for Cisco WAP371

Table of Contents