Configuring Wpa; Wpa Cipher Suites - D-Link DWS-1008 - AirPremier MobileLAN Switch Product Manual
8 port 10/100 wireless switch with power over ethernet
Hide thumbs
Also See for DWS-1008 - AirPremier MobileLAN Switch:
- Cli reference manual (531 pages) ,
- User manual (454 pages) ,
- Installation manual (17 pages)
Table of Contents
Advertisement
The table below lists the encryption types supported by MSS and their default states.
Encryption Type
RSN
WPA
Dynamic WEP
(WPA and RSNnot
Static WEP
(WPA and RSNnot
Wi-Fi Protected Access (WPA) is a security enhancement to the IEEE 802.11 wireless standard. WPA
provides enhanced encryption with new cipher suites and provides per-packet message integrity
checks. WPA is based on the 802.11i standard. You can use WPA with 802.1X authentication. If the
client does not support 802.1X, you can use a preshared key on the access point and the client for
authentication.
WPA supports the following cipher suites for packet encryption, listed from most secure to least
secure:
• Counter Mode with Cipher Block Chaining Message Authentication Code Protocol
(CCMP)—CCMP provides Advanced Encryption Standard (AES) data encryption. To
provide message integrity, CCMP uses the Cipher Block Chaining Message Authentication
Code (CBC-MAC).
• Temporal Key Integrity Protocol (TKIP)—TKIP uses the RC4 encryption algorithm, a 128-
bit encryption key, a 48-bit initialization vector (IV), and a message integrity code (MIC)
called Michael.
• Wired Equivalent Privacy (WEP) with 104-bit keys—104-bit WEP uses the RC4 encryption
algorithm with a 104-bit key.
• WEP with 40-bit keys—40-bit WEP uses the RC4 encryption algorithm with a 40-bit key.
You can configure access points to support one or more of these cipher suites. For all of these cipher
suites, MSS dynamically generates unique session keys for each session. MSS periodically changes
the keys to reduce the likelihood that a network intruder can intercept enough frames to decode a key.
D-Link DWS-1008 User Manual
Client Support
Default State
RSN clients
Disabled
Non-RSN clients
WPA clients
Disabled
Non-WPA clients
WEP clients
Enabled
supported)
WEP clients
Disabled
supported)
Configuring WPA
WPA Cipher Suites
Configuration Required in MSS
• Enable the RSN information element (IE).
• Specify the supported cipher suites (CCMP, TKIP, 40-bit
WEP, 104-bit WEP).
TKIP is enabled by default when the RSN IE is enabled.
• Enable the WPA information element (IE).
• Specify the supported cipher suites (CCMP, TKIP, 40-bit
WEP, 104-bit WEP).
TKIP is enabled by default when the WPA IE is enabled.
None
• Configure the static key(s).
• Assign keys to multicastand unicast traffic.
1
Advertisement
Table of Contents
