Specifications
Cisco Unified Wireless IP Phone 7921G Series Deployment Guide 70
• The AKM security mode is an auto authentication mode that can use either LEAP for 802.1x authentication or
WPA Pre-Shared Key.
• If using 802.11i (Pre-Shared key), enter the ASCII or hexadecimal formatted key.
Pre-Shared Key requires that a passphrase be entered in ASCII or hexadecimal format.
ASCII = 8-63 characters
HEX = 64 characters (0-9,A-F)
• AKM mode requires a key management type to be enabled on the Access Point.
For 802.1x authentication methods, WPA, WPA2 or CCKM is required.
For non-802.1x authentication, WPA-PSK or WPA2-PSK is required.
• If using open authentication plus WEP encryption or shared key authentication, enter the static WEP key
information that matches the access point configuration.
Note: CCKM will be negotiated if enabled on the Access Point when using 802.1x authentication with LEAP, EAP-FAST,
EAP-TLS, PEAP or AKM modes.
WEP with AKM is only applicable with 802.1x authentication (not WPA-PSK).
If using 802.1x authentication via LEAP, EAP-FAST, PEAP or AKM (authenticated key-management) authentication modes,
then a username and password must be configured. AKM mode will use LEAP as the 802.1x method.
• Select whether to use Dynamic Host Configuration Protocol (DHCP) or configure static IP information.
• If option 150 or 66 is not configured to provide the TFTP server IP address via the network’s DHCP scope, then enter
the TFTP server IP address info.
• To enable PEAP with server validation, select “Validate Server Certificate” after importing the authentication server
certificate.
• When using EAP-TLS, select either “Manufacturing Issued” or “User Installed” for the “Client EAP-TLS
Certificate” option after selecting EAP-TLS.
Note: WEP128 is listed as WEP104 on the Cisco Unified Wireless LAN Controllers.