Table of Contents
Advertisement
Example
AP(if-wireless g)#multicast-cipher TKIP
AP(if-wireless g)#
wpa-clients
This command defines whether Wi-Fi Protected Access (WPA) is required or
optionally supported for client stations.
Syntax
wpa-clients <required | supported>
• required - Supports only clients using WPA.
• supported - Support clients with or without WPA.
Default Setting
Supported
Command Mode
Interface Configuration (Wireless)
Command Usage
Wi-Fi Protected Access (WPA) provides improved data encryption, which was
weak in WEP, and user authentication, which was largely missing in WEP.
WPA uses the following security mechanisms.
Enhanced Data Encryption through TKIP
WPA uses Temporal Key Integrity Protocol (TKIP). TKIP provides data
encryption enhancements including per-packet key hashing (i.e., changing the
encryption key on each packet), a message integrity check, an extended
initialization vector with sequencing rules, and a re-keying mechanism.
Enterprise-level User Authentication via 802.1x and EAP
To strengthen user authentication, WPA uses 802.1x and the Extensible
Authentication Protocol (EAP). Used together, these protocols provide strong
user authentication via a central RADIUS authentication server that
authenticates each user on the network before they join it. WPA also employs
"mutual authentication" to prevent a wireless client from accidentally joining a
rogue network.
Example
AP(if-wireless g)#wpa-client required
AP(if-wireless g)#
Related Commands
wpa-mode (7-82)
Wireless Interface Commands
7
7-81
Advertisement
Table of Contents
