Dynamic WEP Key Exchange
The AP maps a unique key that is generated with the RADIUS server. This key
expires when the wireless connection times out, disconnects or reauthentication
times out. A new WEP key is generated each time reauthentication is performed.
If this feature is enabled, it is not necessary to configure a default encryption key
in the Wireless screen. You may still configure and store keys here, but they will
not be used while Dynamic WEP is enabled.
Note: EAP-MD5 cannot be used with dynamic WEP key exchange
For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and
PEAP) use dynamic keys for data encryption. They are often deployed in
corporate environments, but for public deployment, a simple user name and
password pair is more practical. The following table is a comparison of the
features of authentication types.
Table 92 Comparison of EAP Authentication Types
Mutual Authentication
Certificate – Client
Certificate – Server
Dynamic Key Exchange
Credential Integrity
Deployment Difficulty
Client Identity
Protection
MWR211 User's Guide
EAP-MD5
EAP-TLS
No
Yes
No
Yes
No
Yes
No
Yes
None
Strong
Easy
Hard
No
No
270
EAP-TTLS
PEAP
Yes
Yes
Optional
Optional
Yes
Yes
Yes
Yes
Strong
Strong
Moderate
Moderate
Yes
Yes
LEAP
Yes
No
No
Yes
Moderate
Moderate
No