User Manual
14
■ 802.1X security
Enables 802.1X security. This option requires IT administration. This option includes the
EAP (with dynamic WEP keys) security protocols: EAP, PEAP, and LEAP. 802.1X is the
standard for wireless LAN security defined by IEEE as 802.1X for 802.11, or simply
802.1X. An AP that supports 802.1X and its protocol, EAP, acts as the interface between
a wireless client and an authentication server such as RADIUS server, to which the AP
communicates over the wired network.
■ Pre-shared key security (Static WEP)
Enables the use of up to four pre-shared (static WEP) keys defined on both the AP and
the station (STA). These keys are stored in an encrypted format in the registry of the
Windows device. When the driver loads and reads the client adapter's registry parameters,
it also finds the static WEP keys, decrypts them, and stores them in volatile memory on
the adapter. If a device receives a packet that is not encrypted with the appropriate key
(as the WEP keys of all devices that are to communicate with each other must match), the
device discards the packet and never delivers it to the intended receiver.
Authentication Sequence
Enabling EAP on the AP and configuring the client adapter to LEAP, EAPTLS, PEAP
(EAP-GTC), or PEAP (EAP-MSCHAP V2) authentication to the network occurs in the
following sequence:
1. The client associates to an AP and begins authentication.
2. Communicating through the AP, the client and RADIUS server complete authentication
with the password (LEAP and PEAP) or certificate (EAP-TLS). The password is never
transmitted during the process.
3. After successful authentication, the client and RADIUS server derive a dynamic WEP
key unique to the client.
4. The RADIUS server transmits the key to the AP using a secure channel on the wired
LAN.
5. For the length of a session, the AP and the client use this key to encrypt or decrypt all
unicast and broadcast packets.
EAP Security
To use EAP security, access the Security tab in Profile Management.