user manual
3-21
Cisco Aironet 1200 Seres Access Point Software Configuration Guide
OL-2159-05
Chapter 3 Radio Configuration and Basic Settings
Radio Configuration
Temporal Key Integrity Protocol
This setting enables the temporal key integrity protocol (TKIP, also known as WEP key hashing), which
defends against an attack on WEP in which the intruder uses the unencrypted initialization vector (IV)
in encrypted packets to calculate the WEP key. WEP key hashing removes the predictability that an
intruder relies on to determine the WEP key by exploiting IVs. Select Cisco from the pull-down menu
and click Apply to enable WEP key hashing.
Note To use TKIP, the Use Aironet Extensions setting on the AP Radio Advanced page must be set to yes (the
default setting).
Note When you enable TKIP, all WEP-enabled client devices associated to the access point must support WEP
key hashing. WEP-enabled devices that do not support TKIP cannot communicate with the access point.
Broadcast WEP Key rotation interval (sec)
This option enables broadcast key rotation by setting a key rotation interval. With broadcast, or
multicast, WEP key rotation enabled, the access point provides a dynamic broadcast WEP key and
changes it at the interval you select. Broadcast key rotation is an excellent alternative to TKIP if your
wireless LAN supports wireless client devices that are not Cisco devices or that cannot be upgraded to
the latest firmware for Cisco client devices.
To enable broadcast key rotation, enter the rotation interval in seconds in the Broadcast WEP Key
rotation interval entry field. If you enter 900, for example, the access point sends a new broadcast WEP
key to all associated client devices every 15 minutes. To disable broadcast WEP key rotation, enter 0.
Note When you enable broadcast key rotation, only wireless client devices using LEAP or EAP-TLS
authentication can use the access point. Client devices using static WEP (with open, shared key, or
EAP-MD5 authentication) cannot use the access point when you enable broadcast key rotation.
Note If you enable Broadcast Key Rotation on one of the radios in a dual-radio access point, Broadcast Key
Rotation is automatically enabled on the other radio, also.
Advanced Primary SSID Setup Link
This link takes you to the AP Radio Primary SSID page, from which you can configure the primary SSID
settings. From this page, you configure IEEE 802.11x authentication, EAP, unicast address filters, and
the maximum number of associations for the radio’s primary SSID.
The more link takes you to the AP Radio Internal Service Set Setup page.
Preferred Access Points
Use these fields to set up a chain of repeater access points (access points without an Ethernet connection;
see Figure 3-3). Repeater access points function best when they associate with specific access points
connected to the wired LAN. You use these fields to specify the access points that provide the most
efficient data transmission link for the repeater.