Table of Contents
Advertisement
Understanding Authentication Types
Open Authentication to the WMIC
Open authentication allows any wireless device to authenticate and then attempt to communicate with
another wireless device. Open authentication does not rely on a RADIUS server on your network.
Figure 0-1
authentication. In this example, the non-root bridge's WEP key does not match the bridge's key, so it can
authenticate but it cannot pass data.
Figure 0-1
Switch on
LAN 1
Shared Key Authentication to the WMIC
Cisco provides shared key authentication to comply with the IEEE 802.11b and IEEE 802.11g standards.
However, because of shared key's security flaws, we recommend that you use another method of
authentication, such as EAP, in environments in which security is an issue.
During shared key authentication, the root device sends an unencrypted challenge text string to the client
device that is attempting to communicate with the root device. The client device that is requesting
authentication encrypts the challenge text and then sends it back to the root device.
Both the unencrypted challenge and the encrypted challenge can be monitored, however, which leaves
the root device open to attack from an intruder who can calculate the WEP key by comparing the
unencrypted and encrypted text strings.
Figure 0-2
shared key authentication. In this example the device's WEP key matches the bridge's key, so it can both
authenticate and communicate.
Cisco 3200 Series Wireless MIC Software Configuration Guide
2
shows the authentication sequence between a non-root bridge and a root device using open
Sequence for Open Authentication
Non-Root Bridge
with
WEP key = 321
1. Authentication request
2. Authentication response
shows the authentication sequence between a device trying to authenticate and a bridge using
Switch on
Root Bridge
LAN 2
with
WEP key = 123
Authentication Types
Hide quick links:
Advertisement
Table of Contents
